Cisco Cisco Email Security Appliance C170 技术参考
3-261
CLI Reference Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 3 The Commands: Reference Examples
SMTP Services Configuration
In this example, the following entries are added to the HAT above the
ALL
entry:
–
The first two entries reject all connections from the remote hosts in the domain
spamdomain.com
and any subdomain of
spamdomain.com
.
–
The third line refuses connections from any host with an IP address of
251.192.1.
x.
–
The fourth line allows the remote host with the IP address of
169.254.10.10
to use the Email
Security appliance as an SMTP relay for all of its outbound email to the Internet
Note
The order that rules appear in the HAT is important. The HAT is read from top to bottom for each
host that attempts to connect to the listener. If a rule matches a connecting host, the action is
taken for that connection immediately. You should place all custom entries in the HAT above an
ALL host definition. You can also use the HAT CLI editor or the GUI to customize the HAT for
a listener. For more information, see the “Configuring the Gateway to Receive Mail” and “Using
Mail Flow Monitor” chapters in the User Guide for AsyncOS for Cisco Email Security
Appliances.
host that attempts to connect to the listener. If a rule matches a connecting host, the action is
taken for that connection immediately. You should place all custom entries in the HAT above an
ALL host definition. You can also use the HAT CLI editor or the GUI to customize the HAT for
a listener. For more information, see the “Configuring the Gateway to Receive Mail” and “Using
Mail Flow Monitor” chapters in the User Guide for AsyncOS for Cisco Email Security
Appliances.
Step 4
Save the file and place it in the configuration directory for the interface so that it can be imported. (See
Appendix B, “Accessing the Appliance,” for more information.)
Appendix B, “Accessing the Appliance,” for more information.)
Step 5
Use the
hostaccess -> import
subcommand of
listenerconfig
to import the edited Host Access Table
file.
In the following example, the edited file named
inbound.HAT.txt
is imported into the HAT for the
InboundMail listener. The new entries are printed using the
print
subcommand.
mail3.example.com> listenerconfig
Currently configured listeners:
1. InboundMail (on PublicNet, 192.168.2.1) SMTP TCP Port 25 Public
2. OutboundMail (on PrivateNet, 192.168.1.1) SMTP TCP Port 25 Private
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> edit
Enter the name or number of the listener you wish to edit.
[]> 1
Name: InboundMail
Type: Public
Interface: PublicNet (192.168.2.1/24) TCP Port 25
Protocol: SMTP
Default Domain:
Max Concurrency: 1000 (TCP Queue: 50)
Domain Map: Disabled
TLS: No
SMTP Authentication: Disabled
spamdomain.com REJECT
.spamdomain.com REJECT
251.192.1. TCPREFUSE
169.254.10.10 RELAY