Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
7-23
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)
SenderBase Settings and Mail Flow Policies
Step 7
Submit and commit your changes.
SenderBase Settings and Mail Flow Policies
In order to classify connections to the appliance and apply mail flow policies (which may or may not
contain rate limiting), a listener uses the following methodology:
contain rate limiting), a listener uses the following methodology:
Classification -> Sender Group -> Mail Flow Policy -> Rate Limiting
For more information, see
.
The “Classification” stage uses the sending host’s IP address to classify an inbound SMTP session
(received on a public listener) into a Sender Group. The Mail Flow Policy associated with that Sender
Group may have parameters for rate limiting enabled. (Rate limiting limits the maximum number of
messages per session, the maximum number of recipients per message, the maximum message size,
and/or the maximum number of concurrent connections you are willing to accept from a remote host.)
(received on a public listener) into a Sender Group. The Mail Flow Policy associated with that Sender
Group may have parameters for rate limiting enabled. (Rate limiting limits the maximum number of
messages per session, the maximum number of recipients per message, the maximum message size,
and/or the maximum number of concurrent connections you are willing to accept from a remote host.)
Normally, in this process, recipients are counted against each sender in the corresponding named sender
group. If mail is received from several senders in the same hour, the total recipients for all senders is
compared against the limit.
group. If mail is received from several senders in the same hour, the total recipients for all senders is
compared against the limit.
There are some exceptions to this counting methodology:
•
If the classification is done by Network Owner, then the SenderBase Reputation Service will
automatically divide a large block of addresses into smaller blocks.
automatically divide a large block of addresses into smaller blocks.
Counting of recipients and recipient rate limiting is done separately for each of these smaller blocks
(usually, but not always, the equivalent of a /24 CIDR block).
(usually, but not always, the equivalent of a /24 CIDR block).
•
If the HAT Significant Bits feature is used. In this case, a large block of addresses may be divided
into smaller blocks by applying the significant bits parameter associated with the policy.
into smaller blocks by applying the significant bits parameter associated with the policy.
Note that this parameter relates to the Mail Flow Policy -> Rate Limiting phase. It is not the same
as the “bits” field in the “network/bits” CIDR notation that may be used to classify IP addresses in
a Sender Group.
as the “bits” field in the “network/bits” CIDR notation that may be used to classify IP addresses in
a Sender Group.
By default, SenderBase Reputation Service and IP Profiling support are enabled for public listeners and
disabled for private listeners.
disabled for private listeners.
Related Topics
•
•
Timeouts for SenderBase Queries
When you configure a listener, you can determine how long the appliance caches information queried
from the SenderBase Reputation Service. Then when you configure a mail flow policy, you can enable
SenderBase to allow it to control the flow of mail into the listener.
from the SenderBase Reputation Service. Then when you configure a mail flow policy, you can enable
SenderBase to allow it to control the flow of mail into the listener.
Enable SenderBase in a mail flow policy in the GUI using the “Use SenderBase for Flow Control” setting
when you configure a mail flow policy, or in the CLI using the
when you configure a mail flow policy, or in the CLI using the
listenerconfig > hostaccess > edit
command.