Cisco FirePOWER Appliance 8130

FireSIGHT System User Guide
 
Chapter 25: Using Application Layer Preprocessors
Decoding SMTP Traffic
Note also that when the values for the Base64 Decoding Depth, 7-Bit/8-Bit/Binary Decoding Depth, Quoted-Printable Decoding Depth, or Unix-to-Unix Decoding Depth options are different in an intrusion policy associated with the default action of an access control policy and intrusion policies associated with access control rules, the highest value is used. See , and  for more information.
If no preprocessor rule is mentioned, the option is not associated with a preprocessor rule.
Ports
Specifies the ports whose SMTP traffic you want to normalize. You can specify an integer from 0 to 65535. Separate multiple ports with commas.
Note
Any port you add to the SMTP Ports list should also be added to the TCP client reassembly list for each TCP policy. For more information on configuring TCP reassembly ports, see
Stateful Inspection
When selected, causes the SMTP decoder to save state and provide session context for individual packets, and inspects only reassembled sessions. When cleared, analyzes each individual packet without session context.
Normalize
When set to All, normalizes all commands. Checks for more than one space character after a command.
When set to None, normalizes no commands.
When set to Cmds, normalizes the commands listed in Custom Commands.
Custom Commands
When Normalize is set to Cmds, normalizes the listed commands. Specify commands which should be normalized in the text box. Checks for more than one space character after a command.
The space (ASCII 0x20) and tab (ASCII 0x09) characters count as space characters for normalization purposes.
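
The Normalize and Custom Commands settings described above, shown as an added Python example (not code from the guide or from Cisco). It assumes the command is the leading alphabetic token and that normalizing collapses the run of space characters after it to a single space; the function names and the sample lines are constructed for illustration.

```python
import re

# Per the guide, only space (0x20) and tab (0x09) count as space characters.
_LINE = re.compile(rb"^([A-Za-z]+)([ \t]*)(.*)$", re.DOTALL)


def normalize_command(line, mode="All", custom_commands=()):
    """Return (line_after_normalization, extra_space_seen) for one command line.

    mode mirrors the Normalize option: "All", "None" or "Cmds".
    Assumptions: the command is the leading alphabetic token, and
    normalizing collapses the run of space characters after it to one 0x20.
    """
    if mode not in ("All", "None", "Cmds"):
        raise ValueError("mode must be All, None or Cmds")
    match = _LINE.match(line)
    if mode == "None" or match is None:
        return line, False
    verb, gap, rest = match.groups()
    if mode == "Cmds":
        # SMTP command names are case-insensitive, so compare in upper case.
        listed = {c.upper().encode("ascii") for c in custom_commands}
        if verb.upper() not in listed:
            return line, False
    if len(gap) <= 1:
        return line, False  # zero or one space character: nothing to report
    return verb + b" " + rest, True


# Constructed sample command lines (not captured traffic).
SAMPLES = [
    b"EHLO client.example.test\r\n",
    b"MAIL  \t FROM:<a@example.test>\r\n",
    b"rcpt\t\tTO:<b@example.test>\r\n",
    b"DATA\r\n",
]


def run_samples(mode, custom_commands=()):
    """Normalize every sample line under one Normalize setting."""
    return [normalize_command(s, mode, custom_commands) for s in SAMPLES]


if __name__ == "__main__":
    for mode, cmds in (("All", ()), ("None", ()), ("Cmds", ("RCPT",))):
        print(mode, cmds)
        for out, flagged in run_samples(mode, cmds):
            print("  ", flagged, out)
```

With Cmds and only RCPT listed, the padded MAIL line passes through unchanged, which is the coverage difference between the All and Cmds settings.
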
Ignore Data 
Does not process mail data; processes only MIME mail header data.
Ignore TLS Data
Does not process data encrypted under the Transport Layer Security protocol.
No Alerts 
Disables intrusion events when accompanying preprocessor rules are enabled.
Detect Unknown Commands
Detects unknown commands in SMTP traffic.
You can enable rules 124:5 and 124:6 to generate events for this option. See  for more information.