Руководство Пользователя для Cisco Cisco Email Security Appliance C170

In most cases, you can use this feature to define sender groups broadly — that is, large groups of IP 
addresses such as “10.1.1.0/24” or “10.1.0.0/16” — while applying mail flow rate limiting narrowly to 
smaller groups of IP addresses. 

The HAT Significant Bits feature corresponds to these components of the system:

There are two parts of HAT configuration: sender groups and mail flow policies. Sender group 
configuration defines how a sender's IP address is “classified” (put in a sender group). Mail flow policy 
configuration defines how the SMTP session from that IP address is controlled. When using this feature, 
an IP address may be “classified in a CIDR block” (e.g. 10.1.1.0/24) sender group while being controlled 
as an individual host (/32). This is done via the “signficant_bits” policy configuration setting. 

The HAT syntax allows for the signficant_bits configuration option. When editing the default or a 
specific mail flow policy in a HAT (for example, when issuing the 

listenerconfig -> edit -> 

hostaccess -> default

 command) the following questions appear if:

rate limiting is enabled, and 

using SenderBase for flow control is disabled, or

Directory Harvest Attack Prevention (DHAP) is enabled for a mail flow policy (default or 
specific mail flow policy) 

 For example:

This feature also appears in the GUI in the Mail Policies > Mail Flow Policies page. 

Do you want to enable rate limiting per host?  [N]> y

Enter the maximum number of recipients per hour from a remote host.

[]> 2345

Would you like to specify a custom SMTP limit exceeded response? [Y]> n

Would you like to use SenderBase for flow control by default?  [N]> n

Would you like to group hosts by the similarity of their IP addresses?  [N]> y

Enter the number of bits of IP address to treat as significant, from 0 to 32.

[24]>