Cisco Cisco Email Security Appliance X1070 Guia Do Utilizador
5-10
Cisco IronPort AsyncOS 7.6 for Email Advanced Configuration Guide
OL-25137-01
Chapter 5 Email Authentication
Step 8
Select the list of headers to sign. You can select from the following headers:
•
All. AsyncOS signs all the headers present at the time of signature. You may want to sign all headers
if you do not expect headers to be added or removed in transit.
if you do not expect headers to be added or removed in transit.
•
Standard. You may want to select the standard headers if you expect that headers may be added or
removed in transit. AsyncOS signs only the following standard headers (if the header is not present
in the message, the DKIM signature indicates a null value for the header):
removed in transit. AsyncOS signs only the following standard headers (if the header is not present
in the message, the DKIM signature indicates a null value for the header):
–
From
–
Sender, Reply To-
–
Subject
–
Date, Message-ID
–
To, Cc
–
MIME-Version
–
Content-Type, Content-Transfer-Encoding, Content-ID, Content-Description
–
Resent-Date, Resent-From, Resent-Sender, Resent-To, Resent-cc, Resent-Message-ID
–
In-Reply-To, References
–
List-Id, List-Help, List-Unsubscribe, LIst-Subscribe, List-Post, List-Owner, List-Archive
Note
When you select “Standard”, you can add additional headers to sign.
Step 9
Specify how to sign the message body. You can choose to sign the message body, and/or how many bytes
to sign. Select one of the following options:
to sign. Select one of the following options:
•
Whole Body Implied. Do not use the “l=” tag to determine body length. The entire message is
signed and no changes are allowed.
signed and no changes are allowed.
•
Whole Body Auto-determined. The entire message body is signed, and appending some additional
data to the end of body is allowed during transit.
data to the end of body is allowed during transit.
•
Sign first _ bytes. Sign the message body up to the specified number of bytes.
Step 10
Select the tags you want to include in the message signature’s header field. The information stored in
these tags are used for message signature verification. Select one or more of the following options:
these tags are used for message signature verification. Select one or more of the following options:
•
“i” Tag. The identity of the user or agent (e.g., a mailing list manager) on behalf of which this
message is signed. Enter the domain name prepended with the
message is signed. Enter the domain name prepended with the
@
symbol, such as the domain
@example.com
.
•
“q” Tag. A colon-separated list of query methods used to retrieve the public key. Currently, the only
valid value is dns/txt.
valid value is dns/txt.
•
“t” Tag. A timestamp for when the signature was created.
•
“x” Tag. The absolute date and time when the signature expires. Specify an expiration time (in
seconds) for the signature. The default is
seconds) for the signature. The default is
31536000
seconds.
•
“z” Tag. A vertical bar-separated (i.e.,
|
) list of header fields present when the message was signed.
This includes the names of the header fields and their values. For example:
z=From:admin@example.come|To:joe@example.com|
Subject:test%20message|Date:Date:August%2026,%202011%205:30:02%20PM%20-0700
Step 11
Enter users (email addresses, hosts, etc.) that will use the domain profile for signing.