Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

The Email Security appliance supports the use of client certificates to authenticate SMTP sessions 
between the Email Security appliance and users’ mail clients.

When creating an SMTP authentication profile, you select the Certificate Authentication LDAP query to 
use for verifying the certificate. You can also specify whether the Email Security appliance falls back to 
the SMTP AUTH command to authenticate the user if a client certificate isn’t available.

If your organization uses client certificates to authenticate users, you have the option of using the SMTP 
Authentication query to check whether a user who doesn’t have a client certificate can send mail as long 
as their record specifies that it’s allowed. 

See 

 for more information.

SMTP Authentication can also be used to provide validation for an outbound mail relay, using a 
username and password. Create an ‘outgoing’ SMTP authentication profile and then attach the profile to 
an SMTP route for the ALL domain. On each mail delivery attempt, the appliance will log on to the 
upstream mail relay with the necessary credentials. SMTP authentication supports the following 
authorization protocols: PLAIN and LOGIN.

Choose Network > SMTP Authentication. 

Click Add Profile. 

Enter a unique name for the SMTP authentication profile. 

For the Profile Type, select Outgoing. 

Click Next.

Do you want to modify the SMTP RCPT TO reject response in this case?

[N]> y

Enter the SMTP code to use in the response. 550 is the standard code.

[550]> 551

Enter your custom SMTP response. Press Enter on a blank line to finish.

Sender rejected due to local mail policy.

Contact your mail admin for assistance.