Руководство Пользователя для Cisco Cisco Email Security Appliance C380
21-27
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 21 Email Authentication
Enabling SPF and SIDF
The following SPF control settings are available for the Host Access Table:
The appliance performs the HELO identity check and accepts the None and Neutral verification results
and rejects the others. The CLI prompts for the SMTP actions are the same for all identity types. The
user does not define the SMTP actions for the MAIL FROM identity. The appliance automatically
accepts all verification results for the identity. The appliance uses the default reject code and text for all
REJECT results.
and rejects the others. The CLI prompts for the SMTP actions are the same for all identity types. The
user does not define the SMTP actions for the MAIL FROM identity. The appliance automatically
accepts all verification results for the identity. The appliance uses the default reject code and text for all
REJECT results.
You can also configure this in the command-line interface using the
listenerconfig
command.
The Received-SPF Header
When you configure AsyncOS for SPF/SIDF verification, it places an SPF/SIDF verification header
(
(
Received-SPF
) in the email. The
Received-SPF
header contains the following information:
Table 21-3
SPF Control Settings via the CLI
Conformance Level
Available SPF Control Settings
SPF Only
•
whether to perform HELO identity check
•
SMTP actions taken based on the results of the
following identity checks:
following identity checks:
–
HELO identity (if enabled)
–
MAIL FROM Identity
•
SMTP response code and text returned for the REJECT
action
action
•
verification time out (in seconds)
SIDF Compatible
•
whether to perform a HELO identity check
•
whether the verification downgrades a Pass result of the
PRA identity to None if the Resent-Sender: or
Resent-From: headers are present in the message
PRA identity to None if the Resent-Sender: or
Resent-From: headers are present in the message
•
SMTP actions taken based on the results of the
following identity checks:
following identity checks:
–
HELO identity (if enabled)
–
MAIL FROM Identity
–
PRA Identity
•
SMTP response code and text returned for the REJECT
action
action
•
verification timeout (in seconds)
SIDF Strict
•
SMTP actions taken based on the results of the
following identity checks:
following identity checks:
–
MAIL FROM Identity
–
PRA Identity
•
SMTP response code and text returned in case of SPF
REJECT action
REJECT action
•
verification timeout (in seconds)