Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

7-29

User Guide for AsyncOS 9.8 for Cisco Email Security Appliances

Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)

Verifying Senders

Table 7-9

shows the suggested settings for implementing sender verification:

Related Topics

•

Throttling Messages from Unverified Senders Using the SUSPECTLIST Sender Group, page 7-29

•

Implementing More Stringent Throttling Settings for Unverified Senders, page 7-30

•

Defining Messages to Send to Unverified Senders Using the ACCEPTED Mail Flow Policy,
page 7-30

•

Excluding Unverified Senders from Sender Verification Rules Based on Sender’s Email Address,
page 7-30

•

Searching for Addresses within the Sender Verification Exception Table, page 7-31

Throttling Messages from Unverified Senders Using the SUSPECTLIST Sender Group

Procedure

Step 1

Select Mail Policies > HAT Overview.

Step 2

Click SUSPECTLIST in the list of sender groups.

Step 3

Click Edit Settings.

Step 4

Select the THROTTLED policy from the list.

Step 5

Check the “Connecting host reverse DNS lookup (PTR) does not match the forward DNS lookup (A)”
checkbox under Connecting Host DNS Verification.

Step 6

Submit and commit your changes.

Now, senders for which reverse DNS lookups fail will match the SUSPECTLIST sender group and will
receive the default action from the THROTTLED mail flow policy.

Table 7-9

Sender Verification: Suggested Settings

Sender Group

Policy

Include

UNVERIFIED

SUSPECTLIST

THROTTLEMORE

THROTTLED

Prior to SMTP conversation:

Connecting host PTR record does not exist in the DNS.

Connecting host reverse DNS lookup (PTR) does not match
the forward DNS lookup (A).

ACCEPTED

Envelope Sender Verification during SMTP conversation:

- Malformed MAIL FROM:

- Envelope sender does not exist in DNS.

- Envelope sender DNS does not resolve.