Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

For example, suppose you configure four DNS servers, with two of them at 
priority 0, one at priority 1, and one at priority 2:

AsyncOS will randomly choose between the two servers at priority 0. If one of the 
priority 0 servers is down, the other will be used. If both of the priority 0 servers 
are down, the priority 1 server (1.2.3.6) is used, and then, finally, the priority 2 
(1.2.3.7) server.

The timeout period is the same for both priority 0 servers, longer for the priority 
1 server, and longer still for the priority 2 server.

The IronPort AsyncOS DNS resolver is designed to accommodate the large 
number of simultaneous DNS connections required for high-performance email 
delivery.

If you choose to set the default DNS server to something other than the Internet 
root servers, that server must be able to recursively resolve queries for domains 
for which it is not an authoritative server.

The IronPort appliance attempts to perform a “double DNS lookup” on all remote 
hosts connecting to a listener for the purposes of sending or receiving email. [That 
is: the system acquires and verifies the validity of the remote host's IP address by 
performing a double DNS lookup. This consists of a reverse DNS (PTR) lookup 
on the IP address of the connecting host, followed by a forward DNS (A) lookup 
on the results of the PTR lookup. The system then checks that the results of the A 
lookup match the results of the PTR lookup. If the results do not match, or if an 

0

1.2.3.4, 1.2.3.5

5, 5

1

1.2.3.6

10

2

1.2.3.7

45