Cisco Cisco Email Security Appliance C160 Guia Do Utilizador
7-18
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)
Handling Messages from a Group of Senders in the Same Manner
SMTP Authentication
Allows, disallow, or requires SMTP Authentication from remote hosts
connecting to the listener. SMTP Authentication is described in detail
in the “LDAP Queries” chapter.
connecting to the listener. SMTP Authentication is described in detail
in the “LDAP Queries” chapter.
If Both TLS and SMTP
Authentication are enabled:
Authentication are enabled:
Require TLS to offer SMTP Authentication.
Domain Key Signing
Domain Key/ DKIM Signing Enable Domain Keys or DKIM signing on this listener (ACCEPT and
RELAY only).
DKIM Verification
Enable DKIM verification.
SPF/SIDF Verification
Enable SPF/SIDF
Verification
Verification
Enable SPF/SIDF signing on this listener. For more information, see the
“Email Authentication” chapter.
“Email Authentication” chapter.
Conformance Level
Set the SPF/SIDF conformance level. You can choose from SPF, SIDF
or SIDF Compatible. For details, see the “Email Authentication”
chapter.
or SIDF Compatible. For details, see the “Email Authentication”
chapter.
Downgrade PRA
verification result if
'Resent-Sender:' or
'Resent-From:' were used:
verification result if
'Resent-Sender:' or
'Resent-From:' were used:
If you choose a conformance level of SIDF compatible, configure
whether you want to downgrade Pass result of the PRA Identity
verification to None if there are Resent-Sender: or Resent-From:
headers present in the message. You may choose this option for security
purposes.
whether you want to downgrade Pass result of the PRA Identity
verification to None if there are Resent-Sender: or Resent-From:
headers present in the message. You may choose this option for security
purposes.
HELO Test
Configure whether you want to perform a test against the HELO
identity (Use this for SPF and SIDF Compatible conformance levels).
identity (Use this for SPF and SIDF Compatible conformance levels).
DMARC Verification
Enable DMARC Verification Enable DMARC verification on this listener. For more information, see
Use DMARC Verification
Profile
Profile
Select the DMARC verification profile that you want to use on this
listener.
listener.
DMARC Feedback Reports
Enable sending of DMARC aggregate feedback reports.
For more information about DMARC aggregate feedback report, see
Note
DMARC specification requires the feedback report messages to
be DMARC compliant. Make sure that these messages are
DKIM signed or you must publish appropriate SPF records.
be DMARC compliant. Make sure that these messages are
DKIM signed or you must publish appropriate SPF records.
Untagged Bounces
Consider Untagged Bounces
to be Valid
to be Valid
Applies only if bounce verification tagging (discussed in the
“Configuring Routing and Delivery Features” chapter) is enabled. By
default, the appliance considers untagged bounces invalid and either
rejects the bounce or adds a custom header, depending on the Bounce
Verification settings. If you choose to consider untagged bounces to be
valid, the appliance accepts the bounce message.
“Configuring Routing and Delivery Features” chapter) is enabled. By
default, the appliance considers untagged bounces invalid and either
rejects the bounce or adds a custom header, depending on the Bounce
Verification settings. If you choose to consider untagged bounces to be
valid, the appliance accepts the bounce message.
Envelope Sender DNS Verification
See
Table 7-8
Mail Flow Policy Parameters (continued)
Parameter
Description