Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

More settings are available via the CLI. See 

 for more information.

If you choose a conformance level of SIDF-compatible, configure whether the 
verification downgrades a Pass result of the PRA identity to None if there are 
Resent-Sender: or Resent-From: headers present in the message. You might 
choose this option for security purposes.

If you choose a conformance level of SPF, configure whether to perform a test 
against the HELO identity. You might use this option to improve performance by 
disabling the HELO check. This can be useful because the 

spf-passed

 filter rule 

checks the PRA or the MAIL FROM Identities first. The appliance only performs 
the HELO check for the SPF conformance level.

SIDF

The SPF/SIDF verification behaves according to 
RFC4406.

-The PRA Identity is determined with full conformance 
to the standard.

- SPF v1.0 records are treated as spf2.0/mfrom,pra.

- For a nonexistent domain or a malformed identity, a 
verdict of Fail is returned.

SIDF Compatible

The SPF/SIDF verification behaves according to 
RFC4406 except for the following differences:

- SPF v1.0 records are treated as spf2.0/mfrom.

- For a nonexistent domain or a malformed identity, a 
verdict of None is returned.

NOTE: This conformance option was introduced at the 
request of the OpenSPF community 
(www.openspf.org).