Руководство Пользователя для Cisco Cisco Email Security Appliance C170

This feature is also displayed when editing any mail flow policy in the GUI, 
providing that LDAP queries have been configured on the corresponding listener:

Entering a number of invalid recipients per hour enables DHAP for that mail flow 
policy. By default, 25 invalid recipients per hour are allowed for public listeners. 
For private listeners, the maximum invalid recipients per hour is unlimited by 
default. Setting it to “Unlimited” means that DHAP is not enabled for that mail 
flow policy.

AsyncOS provides support for SMTP authentication. SMTP Auth is a mechanism 
for authenticating clients connected to an SMTP server.

The practical use of this mechanism is that users at a given organization are able 
to send mail using that entity’s mail servers even if they are connecting remotely 
(e.g. from home or while traveling). Mail User Agents (MUAs) can issue an 
authentication request (challenge/response) when attempting to send a piece of 
mail. 

Users can also use SMTP authentication for outgoing mail relays. This allows the 
IronPort appliance to make a secure connection to a relay server in configurations 
where the appliance is not at the edge of the network.

AsyncOS complies with RFC 2554 which defines how an authentication 
command may be given in an SMTP conversation, the responses to the 
negotiation, and any error codes that may need to be generated. 

AsyncOS supports two methods to authenticate user credentials:

You can use an LDAP directory.

You can use a different SMTP server (SMTP Auth forwarding and SMTP 
Auth outgoing).