Cisco Cisco Content Security Management Appliance M690 用户指南
12-2
AsyncOS 8.4 for Cisco Content Security Management Appliances User Guide
Chapter 12 Configuring SMTP Routing
Routing Email for Local Domains
The SMTP Routes table is read from the top down for every email delivery. The most specific entry that
matches a mapping wins. For example, if there are mappings for both
matches a mapping wins. For example, if there are mappings for both
host1.example.com
and
example.com
in the SMTP Routes table, the entry for
host1.example.com
will be used because it is the
more specific entry — even if it appears after the less specific
example.com
entry. Otherwise, the system
performs a regular MX lookup on the domain of the Envelope Recipient.
SMTP Routes, Mail Delivery, and Message Splintering
Incoming: if one message has 10 recipients and they are all on the same Exchange server, AsyncOS will
open one TCP connection and present exactly one message to the mail store, not 10 separate messages.
open one TCP connection and present exactly one message to the mail store, not 10 separate messages.
Outgoing: works similarly, but if one message is going to 10 recipients in 10 different domains, AsyncOS
will open 10 connections to 10 MTAs and deliver them one email each.
will open 10 connections to 10 MTAs and deliver them one email each.
Splintering: if one incoming message has 10 recipients and they are each in separate Incoming Policy
groups (10 groups), the message will splinter even if all 10 recipients are on the same Exchange server.
Thus, 10 separate emails will be delivered over a single TCP connection.
groups (10 groups), the message will splinter even if all 10 recipients are on the same Exchange server.
Thus, 10 separate emails will be delivered over a single TCP connection.
SMTP Routes and Outbound SMTP Authentication
If an Outbound SMTP Authentication profile has been created, you can apply it to an SMTP Route. This
allows authentication for outgoing mail in cases where the Cisco Content Security appliance sits behind
a mail relay server that is at the edge of the network.
allows authentication for outgoing mail in cases where the Cisco Content Security appliance sits behind
a mail relay server that is at the edge of the network.
Routing Email for Local Domains
The Security Management appliance routes the following mail:
•
ISQ released messages which ignore SMTP routing
•
Alerts
•
Configuration files that can be mailed to the specified destination
•
Support request message that can be sent to the defined recipient as well
The last two types of messages use SMTP routes to be delivered to the destination.
The Email Security appliance routes mail to local domains to hosts specified using the Management
Appliance > Network > SMTP Routes page (or the smtproutes command). This feature is similar to
the sendmail mailertable feature. (The SMTP Routes page and smtproutes command are an expansion
of the AsyncOS 2.0 Domain Redirect feature.)
Appliance > Network > SMTP Routes page (or the smtproutes command). This feature is similar to
the sendmail mailertable feature. (The SMTP Routes page and smtproutes command are an expansion
of the AsyncOS 2.0 Domain Redirect feature.)
Note
If you have completed the System Setup Wizard in the GUI and committed the changes, you defined the
first SMTP route entries on the appliance for each RAT entry you entered at that time.
first SMTP route entries on the appliance for each RAT entry you entered at that time.
Default SMTP Route
You can also define a default SMTP route with the special keyword
ALL
. If a domain does not match a
previous mapping in the SMTP Routes list, it defaults to being redirected to the MX host specified by
the
the
ALL
entry.