Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

IronPort AsyncOS supports Sender Policy Framework (SPF) and Sender ID 
Framework (SIDF) verification. SPF and SIDF are methods for verifying 
authenticity of email based on DNS records. SPF and SIDF allow the owner of an 
Internet domain to use a special format of DNS TXT records to specify which 
machines are authorized to transmit email for that domain. 

When you use SPF/SIDF authentication, the senders publish SPF records 
specifying which hosts are permitted to use their names, and compliant mail 
receivers use the published SPF records to test the authorization of the sending 
Mail Transfer Agent’s identity during a mail transaction. 

Because SPF checks require parsing and evaluation, AsyncOS performance may 
be impacted. In addition, be aware that SPF checks increase the load on your DNS 
infrastructure.

When you work with SPF and SIDF, note that SIDF is similar to SPF, but it has 
some differences. To get a full description of the differences between SIDF and 
SPF, see RFC 

4406. F

or the purposes of this documentation, the two terms are 

discussed together except in the cases where only one type of verification applies.

AsyncOS does not support SPF for incoming relays, and AsyncOS does not 
support SPF for IPv6.

To use SPF and SIDF with an IronPort appliance, publish the SPF record 
according to the RFCs 4406 and 4408. Review RFC 4407 for a definition of how 
the PRA identity is determined. You may also want to refer to the following 
website to view common mistakes made when creating SPF and SIDF records:

http://www.openspf.org/FAQ/Common_mistakes