Inleiding
Dit document beschrijft hoe een e-mailserver op basis van de geolocatie kan worden geblokkeerd en geweigerd met behulp van Sender Group op de e-mail security applicatie (ESA) die is geïntroduceerd in AsyncOS 11.0.0-264.
Voorwaarden
Vereisten
Cisco raadt kennis van de volgende onderwerpen aan:
- ESR-configuratie van de afzendergroep en HAT-overzichtstabel.
Opmerking: raadpleeg de ESA User Guide of de Online Help van de ESA GUI voor meer informatie.
Gebruikte componenten
De informatie in dit document is gebaseerd op de volgende software- en hardware-versies:
- ESA, alle hardware en virtuele apparaten met AsyncOS 11.0.0-264 of nieuwer
De informatie in dit document is gebaseerd op de apparaten in een specifieke laboratoriumomgeving. Alle apparaten die in dit document worden beschreven, hadden een opgeschoonde (standaard)configuratie. Als uw netwerk live is, moet u de potentiële impact van elke opdracht begrijpen.
Configuratie
Via de GUI
- Klik op het tabblad Postbeleid.
- Selecteer in het gedeelte Host Access Table HAT - Overzicht,
- Zorg er vanuit de vervolgkeuzelijst luisteraar voor dat de juiste luisteraar op dit moment is geselecteerd voor configuratie.
- Klik in de onderstaande kolom Sender Group op BLACKLIST,
- Klik op de knop Verzender toevoegen.
- Klik op de optie Geolocation.
- Selecteer het land dat moet worden afgewezen door de BLACKLIST Sender Group.
Als u klaar bent met het toevoegen van de items, klikt u op de knop Verzenden en klikt u op de knop Wijzigingen vastleggen om de wijzigingen op te slaan.
Van de CLI
msesa1.cisco.com> listenerconfig
Currently configured listeners:
1. IncomingMail (on Management, 10.106.36.187) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> edit
Enter the name or number of the listener you wish to edit.
[]> 1
Name: IncomingMail
Type: Public
Interface: Management (10.106.36.187/24) TCP Port 25
Protocol: SMTP
Default Domain:
Max Concurrent Connections: 300 (TCP Queue: 50)
Domain Map: Disabled
TLS: No
SMTP Authentication: Enabled with profile test
Bounce Profile: Default
Use SenderBase For Reputation Filters and IP Profiling: Yes
Footer: None
Heading: None
SMTP Call-Ahead: Disabled
LDAP: ldapaccept (test.accept)
Choose the operation you want to perform:
- NAME - Change the name of the listener.
- INTERFACE - Change the interface.
- CERTIFICATE - Choose the certificate.
- LIMITS - Change the injection limits.
- SETUP - Configure general options.
- HOSTACCESS - Modify the Host Access Table.
- RCPTACCESS - Modify the Recipient Access Table.
- BOUNCECONFIG - Choose the bounce profile to use for messages injected on this listener.
- MASQUERADE - Configure the Domain Masquerading Table.
- DOMAINMAP - Configure domain mappings.
- LDAPACCEPT - Configure an LDAP query to determine whether a recipient address should be accepted or bounced/dropped.
- SMTPAUTH - Configure an SMTP authentication.
[]> HOSTACCESS
Default Policy Parameters
==========================
Maximum Message Size: 10M
Maximum Number Of Concurrent Connections From A Single IP: 10
Maximum Number Of Messages Per Connection: 10
Maximum Number Of Recipients Per Message: 50
Directory Harvest Attack Prevention: Enabled
Maximum Number Of Invalid Recipients Per Hour: 25
Maximum Number Of Recipients Per Hour: Disabled
Maximum Number of Recipients per Envelope Sender: Disabled
Use SenderBase for Flow Control: Yes
Spam Detection Enabled: Yes
Virus Detection Enabled: Yes
Allow TLS Connections: No
Allow SMTP Authentication: No
Require TLS To Offer SMTP authentication: No
DKIM/DomainKeys Signing Enabled: No
DKIM Verification Enabled: No
S/MIME Public Key Harvesting Enabled: No
S/MIME Decryption/Verification Enabled: No
SPF/SIDF Verification Enabled: No
DMARC Verification Enabled: No
Envelope Sender DNS Verification Enabled: Yes
Domain Exception Table Enabled: No
Accept untagged bounces: No
There are currently 5 policies defined.
There are currently 6 sender groups.
Choose the operation you want to perform:
- NEW - Create a new entry.
- EDIT - Modify an entry.
- DELETE - Remove an entry.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- RESET - Remove senders and set policies to system default.
[]> edit
1. Edit Sender Group
2. Edit Policy
[1]> 1
Currently configured HAT sender groups:
1. RELAYLIST
2. WHITELIST (My trusted senders have no anti-spam scanning or rate limiting)
3. BLACKLIST (Spammers are rejected)
4. SUSPECTLIST (Suspicious senders are throttled)
5. UNKNOWNLIST (Reviewed but undecided, continue normal acceptance)
6. (no name, first host = ALL) (Everyone else)
Enter the sender group number or name you wish to edit.
[]> BLACKLIST
Choose the operation you want to perform:
- NEW - Add a new host.
- DELETE - Remove a host.
- MOVE - Reorder the hosts.
- COUNTRY - Add and delete countries.
- POLICY - Change the policy settings and options.
- PRINT - Display the current definition.
- RENAME - Rename this sender group.
[]> COUNTRY
Choose the operation you want to perform:
- ADD - Add countries
[]> ADD
1. Afghanistan [af]
2. Aland Islands [ax]
3. Albania [al]
4. Algeria [dz]
5. American Samoa [as]
6. Andorra [ad]
7. Angola [ao]
8. Anguilla [ai]
9. Antarctica [aq]
10. Antigua and Barbuda [ag]
11. Argentina [ar]
12. Armenia [am]
13. Aruba [aw]
14. Asia/Pacific Region [ap]
15. Australia [au]
16. Austria [at]
17. Azerbaijan [az]
18. Bahamas [bs]
19. Bahrain [bh]
20. Bangladesh [bd]
21. Barbados [bb]
22. Belarus [by]
23. Belgium [be]
24. Belize [bz]
25. Benin [bj]
26. Bermuda [bm]
27. Bhutan [bt]
28. Bolivia [bo]
29. Bonaire, Saint Eustatius and Saba [bq]
30. Bosnia and Herzegovina [ba]
31. Botswana [bw]
32. Bouvet Island [bv]
33. Brazil [br]
34. British Indian Ocean Territory [io]
35. Brunei Darussalam [bn]
36. Bulgaria [bg]
37. Burkina Faso [bf]
38. Burundi [bi]
39. Cambodia [kh]
40. Cameroon [cm]
41. Canada [ca]
42. Cape Verde [cv]
43. Cayman Islands [ky]
44. Central African Republic [cf]
45. Chad [td]
46. Chile [cl]
47. China [cn]
48. Christmas Island [cx]
49. Cocos (Keeling) Islands [cc]
50. Colombia [co]
51. Comoros [km]
52. Congo [cg]
53. Congo, The Democratic Republic of the [cd]
54. Cook Islands [ck]
55. Costa Rica [cr]
56. Cote d'Ivoire [ci]
57. Croatia [hr]
58. Cuba [cu]
59. Curacao [cw]
60. Cyprus [cy]
61. Czech Republic [cz]
62. Denmark [dk]
63. Djibouti [dj]
64. Dominica [dm]
65. Dominican Republic [do]
66. Ecuador [ec]
67. Egypt [eg]
68. El Salvador [sv]
69. Equatorial Guinea [gq]
70. Eritrea [er]
71. Estonia [ee]
72. Ethiopia [et]
73. Europe [eu]
74. Falkland Islands (Malvinas) [fk]
75. Faroe Islands [fo]
76. Fiji [fj]
77. Finland [fi]
78. France [fr]
79. French Guiana [gf]
80. French Polynesia [pf]
81. French Southern Territories [tf]
82. Gabon [ga]
83. Gambia [gm]
84. Georgia [ge]
85. Germany [de]
86. Ghana [gh]
87. Gibraltar [gi]
88. Greece [gr]
89. Greenland [gl]
90. Grenada [gd]
91. Guadeloupe [gp]
92. Guam [gu]
93. Guatemala [gt]
94. Guernsey [gg]
95. Guinea [gn]
96. Guinea-Bissau [gw]
97. Guyana [gy]
98. Haiti [ht]
99. Heard Island and McDonald Islands [hm]
100. Holy See (Vatican City State) [va]
101. Honduras [hn]
102. Hong Kong [hk]
103. Hungary [hu]
104. Iceland [is]
105. India [in]
106. Indonesia [id]
107. Iran, Islamic Republic of [ir]
108. Iraq [iq]
109. Ireland [ie]
110. Isle of Man [im]
111. Israel [il]
112. Italy [it]
113. Jamaica [jm]
114. Japan [jp]
115. Jersey [je]
116. Jordan [jo]
117. Kazakhstan [kz]
118. Kenya [ke]
119. Kiribati [ki]
120. Korea, Democratic People's Republic of [kp]
121. Korea, Republic of [kr]
122. Kuwait [kw]
123. Kyrgyzstan [kg]
124. Lao People's Democratic Republic [la]
125. Latvia [lv]
126. Lebanon [lb]
127. Lesotho [ls]
128. Liberia [lr]
129. Libyan Arab Jamahiriya [ly]
130. Liechtenstein [li]
131. Lithuania [lt]
132. Luxembourg [lu]
133. Macao [mo]
134. Macedonia [mk]
135. Madagascar [mg]
136. Malawi [mw]
137. Malaysia [my]
138. Maldives [mv]
139. Mali [ml]
140. Malta [mt]
141. Marshall Islands [mh]
142. Martinique [mq]
143. Mauritania [mr]
144. Mauritius [mu]
145. Mayotte [yt]
146. Mexico [mx]
147. Micronesia, Federated States of [fm]
148. Moldova, Republic of [md]
149. Monaco [mc]
150. Mongolia [mn]
151. Montenegro [me]
152. Montserrat [ms]
153. Morocco [ma]
154. Mozambique [mz]
155. Myanmar [mm]
156. Namibia [na]
157. Nauru [nr]
158. Nepal [np]
159. Netherlands [nl]
160. New Caledonia [nc]
161. New Zealand [nz]
162. Nicaragua [ni]
163. Niger [ne]
164. Nigeria [ng]
165. Niue [nu]
166. Norfolk Island [nf]
167. Northern Mariana Islands [mp]
168. Norway [no]
169. Oman [om]
170. Pakistan [pk]
171. Palau [pw]
172. Palestinian Territory [ps]
173. Panama [pa]
174. Papua New Guinea [pg]
175. Paraguay [py]
176. Peru [pe]
177. Philippines [ph]
178. Pitcairn [pn]
179. Poland [pl]
180. Portugal [pt]
181. Puerto Rico [pr]
182. Qatar [qa]
183. Reunion [re]
184. Romania [ro]
185. Russian Federation [ru]
186. Rwanda [rw]
187. Saint Bartelemey [bl]
188. Saint Helena [sh]
189. Saint Kitts and Nevis [kn]
190. Saint Lucia [lc]
191. Saint Martin [mf]
192. Saint Pierre and Miquelon [pm]
193. Saint Vincent and the Grenadines [vc]
194. Samoa [ws]
195. San Marino [sm]
196. Sao Tome and Principe [st]
197. Saudi Arabia [sa]
198. Senegal [sn]
199. Serbia [rs]
200. Seychelles [sc]
201. Sierra Leone [sl]
202. Singapore [sg]
203. Sint Maarten [sx]
204. Slovakia [sk]
205. Slovenia [si]
206. Solomon Islands [sb]
207. Somalia [so]
208. South Africa [za]
209. South Georgia and the South Sandwich Islands [gs]
210. South Sudan [ss]
211. Spain [es]
212. Sri Lanka [lk]
213. Sudan [sd]
214. Suriname [sr]
215. Svalbard and Jan Mayen [sj]
216. Swaziland [sz]
217. Sweden [se]
218. Switzerland [ch]
219. Syrian Arab Republic [sy]
220. Taiwan [tw]
221. Tajikistan [tj]
222. Tanzania, United Republic of [tz]
223. Thailand [th]
224. Timor-Leste [tl]
225. Togo [tg]
226. Tokelau [tk]
227. Tonga [to]
228. Trinidad and Tobago [tt]
229. Tunisia [tn]
230. Turkey [tr]
231. Turkmenistan [tm]
232. Turks and Caicos Islands [tc]
233. Tuvalu [tv]
234. Uganda [ug]
235. Ukraine [ua]
236. United Arab Emirates [ae]
237. United Kingdom [gb]
238. United States Minor Outlying Islands [um]
239. United States [us]
240. Uruguay [uy]
241. Uzbekistan [uz]
242. Vanuatu [vu]
243. Venezuela [ve]
244. Vietnam [vn]
245. Virgin Islands, British [vg]
246. Virgin Islands, U.S. [vi]
247. Wallis and Futuna [wf]
248. Western Sahara [eh]
249. Yemen [ye]
250. Zambia [zm]
251. Zimbabwe [zw]
Enter the indices separated by commas or specify the range.
[]>
Vergeet niet de opdracht commit uit te geven om uw wijzigingen op te slaan.
Gerelateerde informatie