Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
20-18
Cisco AsyncOS 9.1 for Email User Guide
Chapter 20 Email Authentication
How to Verify Incoming Messages Using DKIM
•
A name for the verification profile.
•
The smallest and largest acceptable public key size. The default key sizes are 512 and 2048,
respectively.
respectively.
•
The maximum number of signatures in the message to verify. If a message has more signatures than
the maximum amount you defined, the appliance skips verification of the remaining signatures and
continues to process the message. The default is 5 signatures.
the maximum amount you defined, the appliance skips verification of the remaining signatures and
continues to process the message. The default is 5 signatures.
•
The maximum allowed difference in time (in seconds) between the sender’s system time and
verifier’s. For example, if the message signature expires at 05:00:00 and the verifier’s system time
is 05:00:30, the message signature is still valid if the allowed difference in time is 60 seconds but it
is invalid if the allowed difference is 10 seconds. The default is 60 seconds.
verifier’s. For example, if the message signature expires at 05:00:00 and the verifier’s system time
is 05:00:30, the message signature is still valid if the allowed difference in time is 60 seconds but it
is invalid if the allowed difference is 10 seconds. The default is 60 seconds.
•
An option whether to use a body length parameter.
•
The SMTP action to take in case of a temporary failure.
•
The SMTP action to take in case of a permanent failure.
You can search through all of your existing verification profiles by the profile name.
You can export your DKIM verification profiles as a text file in your appliance’s configure directory.
When you export the verification profiles, all of the profiles existing on the appliance are put into a single
text file. See
When you export the verification profiles, all of the profiles existing on the appliance are put into a single
text file. See
You can import DKIM verification profiles that you previously exported. Importing DKIM verification
profiles causes all of the current DKIM verification profiles on the machine to be replaced. See
profiles causes all of the current DKIM verification profiles on the machine to be replaced. See
for more information.
Related Topics
•
•
•
•
•
Creating a DKIM Verification Profile
Procedure
Step 1
Click Mail Policies > Verification Profiles.
Step 2
Click Add Profile.
Step 3
Enter the name of the profile.
Step 4
Select the minimum key size you want the appliance to accept for signing keys.
Step 5
Select the maximum key size you want the appliance to accept for signing keys.
Step 6
Select the maximum number of signatures to verify in a single message. The default is five signatures.
Step 7
Select the number of seconds before the key query times out. The default is 10 seconds.
Step 8
Select maximum allowed difference in time (in seconds) between the sender’s system time and verifier’s.
The default is 60 seconds.
The default is 60 seconds.
Step 9
Select whether to use the body-length parameter in the signature to verify the message.