Cisco Email Security Appliance C170 User Guide

Cisco AsyncOS 9.1 for Email User Guide
 
Chapter 9      Using Message Filters to Enforce Email Policies
  Message Filter Rules
For more information, see 
S/MIME Gateway Verified Rule
The S/MIME Gateway Message Verified rule checks if a message is successfully verified, decrypted, or 
decrypted and verified. The following message filter checks if the message is an S/MIME message and 
quarantines it if the verification or decryption using S/MIME fails.
quarantine_smime_messages:
if (smime-gateway-message and not smime-gateway-verified) {
    quarantine("Policy");
}
For more information, see 
Workqueue-count Rule
The workqueue-count rule checks the workqueue-count against a specified value. All the comparison operators are allowed, such as >, ==, <=, and so forth.
The following filter checks the workqueue count, and skips spam check if the queue is greater than the specified number.
wqfull:
if (workqueue-count > 1000) {
    skip-spamcheck();
}
For more information on SPF/SIDF, see .
SMTP Authenticated User Match Rule
If your Cisco appliance uses SMTP authentication to send messages, the smtp-auth-id-matches(<target> [, <sieve-char>]) rule can check a message’s headers and Envelope Sender against the sender’s SMTP authenticated user ID to identify outgoing messages with spoofed headers. This filter allows the system to quarantine or block potentially spoofed messages.
The smtp-auth-id-matches rule compares the SMTP authenticated ID against the following targets:
Target          Description
*EnvelopeFrom   Compares the address of the Envelope Sender (also known as MAIL FROM) in the SMTP conversation.
*FromAddress    Compares the addresses parsed out of the From header. Since multiple addresses are permitted in the From: header, only one has to match.
*Sender         Compares the address specified in the Sender header.
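The three targets above, modelled in Python as an added example (not code from the Cisco guide or the appliance), to show which parts of an outgoing message each target inspects. It assumes the authenticated ID is a full email address compared case-insensitively, treats a missing Sender header as not applicable, and does not model the optional <sieve-char>; the function names and sample messages are constructed for illustration.

```python
# Simplified model of the smtp-auth-id-matches targets (illustration only;
# the appliance's own matching rules are not reproduced here).
from email import message_from_string
from email.utils import getaddresses, parseaddr


def _norm(addr):
    """Assumed comparison rule: trim and lower-case the whole address."""
    return addr.strip().lower()


def target_matches(auth_id, envelope_from, raw_message):
    """Return {target: True/False/None}; None means the header is absent."""
    msg = message_from_string(raw_message)
    auth = _norm(auth_id)
    # From: may carry several mailboxes; a single match is sufficient.
    from_addrs = [_norm(a) for _, a in getaddresses(msg.get_all("From", [])) if a]
    sender = _norm(parseaddr(msg.get("Sender", ""))[1])
    return {
        "*EnvelopeFrom": _norm(envelope_from) == auth,
        "*FromAddress": (auth in from_addrs) if from_addrs else None,
        "*Sender": (sender == auth) if sender else None,
    }


def spoofed_targets(auth_id, envelope_from, raw_message):
    """List targets whose address disagrees with the authenticated ID."""
    result = target_matches(auth_id, envelope_from, raw_message)
    return [name for name, ok in result.items() if ok is False]


# Constructed sample messages (not taken from any real mail flow).
LEGIT = (
    "From: Alice <alice@example.com>, Team <team@example.com>\r\n"
    "Sender: alice@example.com\r\n"
    "Subject: report\r\n\r\nbody\r\n"
)
SPOOFED = (
    "From: CEO <ceo@example.com>\r\n"
    "Sender: ceo@example.com\r\n"
    "Subject: urgent\r\n\r\nbody\r\n"
)
NO_SENDER = "From: alice@example.com\r\nSubject: hi\r\n\r\nbody\r\n"

if __name__ == "__main__":
    for name, raw in (("legit", LEGIT), ("spoofed", SPOOFED)):
        print(name, spoofed_targets("alice@example.com", "alice@example.com", raw))
```

In the spoofed sample the envelope sender still matches the authenticated ID, so only a check that also covers the From and Sender headers flags the message.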