Руководство Пользователя для Cisco Cisco Email Security Appliance C160
9-27
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Rules
As a convenience, the size measurement may be specified with a suffix:
Remote IP Rule
The
remote-ip
rule tests to see if the IP address of the host that sent that message matches a certain
pattern. The IP address can be either Internet Protocol version 4 (IPv4) or Internet Protocol version 6
(IPv6). The IP address pattern is specified using the allowed hosts notation described in “Sender Group
Syntax”, except for the
(IPv6). The IP address pattern is specified using the allowed hosts notation described in “Sender Group
Syntax”, except for the
SBO
,
SBRS
,
dnslist
notations and the special keyword
ALL
.
The allowed hosts notation can only identify sequences and numeric ranges of IP addresses (not
hostnames). For example, the following filter bounces any message not injected from IP addresses of
form
hostnames). For example, the following filter bounces any message not injected from IP addresses of
form
10.1.1.
x where
X
is
50
,
51
,
52
,
53
,
54
, or
55
.
Receiving Listener Rule
The
recv-listener
rule selects those messages received on the named listener. The listener name must
be the nickname of one of the listeners currently configured on the system. For example, the following
filter immediately delivers any message arriving from the listener named
filter immediately delivers any message arriving from the listener named
expedite
.
Quantity
Description
10b
ten bytes (same as 10)
13k
thirteen kilobytes
5M
five megabytes
40G
40 gigabytes (Note: The Cisco appliance cannot accept messages larger than 100
megabytes.)
megabytes.)
notMineFilter:
if (remote-ip != '10.1.1.50-55')
{
bounce();
}
expediteFilter:
if (recv-listener == 'expedite')
{
skip-filters();
}