Introdução
Este documento descreve como fazer uma lista negra e rejeitar um servidor de e-mail com base na geolocalização usando o Sender Group no Email Security Appliance (ESA) introduzido no AsyncOS 11.0.0-264.
Pré-requisitos
Requisitos
A Cisco recomenda que você tenha conhecimento destes tópicos:
- Configuração ESA do grupo de remetente e da tabela de visão geral de HAT.
Observação: consulte o Guia do usuário do ESA ou a Ajuda on-line da GUI do ESA para obter mais detalhes.
Componentes Utilizados
As informações neste documento são baseadas nestas versões de software e hardware:
- ESA, todos os dispositivos virtuais e de hardware que executam AsyncOS 11.0.0-264 ou mais recente
As informações neste documento foram criadas a partir de dispositivos em um ambiente de laboratório específico. Todos os dispositivos utilizados neste documento foram iniciados com uma configuração (padrão) inicial. Se a sua rede estiver ativa, certifique-se de que entende o impacto potencial de qualquer comando.
Configuração
Na GUI
- Clique na guia Políticas de e-mail.
- Na seção Tabela de acesso de host, selecione Visão geral do HAT,
- Na lista suspensa listener, verifique se o listener correto está selecionado para configuração.
- Na coluna Grupo de remetente abaixo, clique em BLACKLIST,
- Clique no botão Add Sender.
- Clique na opção Geolocalização.
- Selecione o país a ser rejeitado pelo grupo de remetentes da lista negra.
Quando terminar de adicionar as entradas, clique no botão Submit e no botão Commit Changes para salvar suas alterações.
Na CLI
msesa1.cisco.com> listenerconfig
Currently configured listeners:
1. IncomingMail (on Management, 10.106.36.187) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> edit
Enter the name or number of the listener you wish to edit.
[]> 1
Name: IncomingMail
Type: Public
Interface: Management (10.106.36.187/24) TCP Port 25
Protocol: SMTP
Default Domain:
Max Concurrent Connections: 300 (TCP Queue: 50)
Domain Map: Disabled
TLS: No
SMTP Authentication: Enabled with profile test
Bounce Profile: Default
Use SenderBase For Reputation Filters and IP Profiling: Yes
Footer: None
Heading: None
SMTP Call-Ahead: Disabled
LDAP: ldapaccept (test.accept)
Choose the operation you want to perform:
- NAME - Change the name of the listener.
- INTERFACE - Change the interface.
- CERTIFICATE - Choose the certificate.
- LIMITS - Change the injection limits.
- SETUP - Configure general options.
- HOSTACCESS - Modify the Host Access Table.
- RCPTACCESS - Modify the Recipient Access Table.
- BOUNCECONFIG - Choose the bounce profile to use for messages injected on this listener.
- MASQUERADE - Configure the Domain Masquerading Table.
- DOMAINMAP - Configure domain mappings.
- LDAPACCEPT - Configure an LDAP query to determine whether a recipient address should be accepted or bounced/dropped.
- SMTPAUTH - Configure an SMTP authentication.
[]> HOSTACCESS
Default Policy Parameters
==========================
Maximum Message Size: 10M
Maximum Number Of Concurrent Connections From A Single IP: 10
Maximum Number Of Messages Per Connection: 10
Maximum Number Of Recipients Per Message: 50
Directory Harvest Attack Prevention: Enabled
Maximum Number Of Invalid Recipients Per Hour: 25
Maximum Number Of Recipients Per Hour: Disabled
Maximum Number of Recipients per Envelope Sender: Disabled
Use SenderBase for Flow Control: Yes
Spam Detection Enabled: Yes
Virus Detection Enabled: Yes
Allow TLS Connections: No
Allow SMTP Authentication: No
Require TLS To Offer SMTP authentication: No
DKIM/DomainKeys Signing Enabled: No
DKIM Verification Enabled: No
S/MIME Public Key Harvesting Enabled: No
S/MIME Decryption/Verification Enabled: No
SPF/SIDF Verification Enabled: No
DMARC Verification Enabled: No
Envelope Sender DNS Verification Enabled: Yes
Domain Exception Table Enabled: No
Accept untagged bounces: No
There are currently 5 policies defined.
There are currently 6 sender groups.
Choose the operation you want to perform:
- NEW - Create a new entry.
- EDIT - Modify an entry.
- DELETE - Remove an entry.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- RESET - Remove senders and set policies to system default.
[]> edit
1. Edit Sender Group
2. Edit Policy
[1]> 1
Currently configured HAT sender groups:
1. RELAYLIST
2. WHITELIST (My trusted senders have no anti-spam scanning or rate limiting)
3. BLACKLIST (Spammers are rejected)
4. SUSPECTLIST (Suspicious senders are throttled)
5. UNKNOWNLIST (Reviewed but undecided, continue normal acceptance)
6. (no name, first host = ALL) (Everyone else)
Enter the sender group number or name you wish to edit.
[]> BLACKLIST
Choose the operation you want to perform:
- NEW - Add a new host.
- DELETE - Remove a host.
- MOVE - Reorder the hosts.
- COUNTRY - Add and delete countries.
- POLICY - Change the policy settings and options.
- PRINT - Display the current definition.
- RENAME - Rename this sender group.
[]> COUNTRY
Choose the operation you want to perform:
- ADD - Add countries
[]> ADD
1. Afghanistan [af]
2. Aland Islands [ax]
3. Albania [al]
4. Algeria [dz]
5. American Samoa [as]
6. Andorra [ad]
7. Angola [ao]
8. Anguilla [ai]
9. Antarctica [aq]
10. Antigua and Barbuda [ag]
11. Argentina [ar]
12. Armenia [am]
13. Aruba [aw]
14. Asia/Pacific Region [ap]
15. Australia [au]
16. Austria [at]
17. Azerbaijan [az]
18. Bahamas [bs]
19. Bahrain [bh]
20. Bangladesh [bd]
21. Barbados [bb]
22. Belarus [by]
23. Belgium [be]
24. Belize [bz]
25. Benin [bj]
26. Bermuda [bm]
27. Bhutan [bt]
28. Bolivia [bo]
29. Bonaire, Saint Eustatius and Saba [bq]
30. Bosnia and Herzegovina [ba]
31. Botswana [bw]
32. Bouvet Island [bv]
33. Brazil [br]
34. British Indian Ocean Territory [io]
35. Brunei Darussalam [bn]
36. Bulgaria [bg]
37. Burkina Faso [bf]
38. Burundi [bi]
39. Cambodia [kh]
40. Cameroon [cm]
41. Canada [ca]
42. Cape Verde [cv]
43. Cayman Islands [ky]
44. Central African Republic [cf]
45. Chad [td]
46. Chile [cl]
47. China [cn]
48. Christmas Island [cx]
49. Cocos (Keeling) Islands [cc]
50. Colombia [co]
51. Comoros [km]
52. Congo [cg]
53. Congo, The Democratic Republic of the [cd]
54. Cook Islands [ck]
55. Costa Rica [cr]
56. Cote d'Ivoire [ci]
57. Croatia [hr]
58. Cuba [cu]
59. Curacao [cw]
60. Cyprus [cy]
61. Czech Republic [cz]
62. Denmark [dk]
63. Djibouti [dj]
64. Dominica [dm]
65. Dominican Republic [do]
66. Ecuador [ec]
67. Egypt [eg]
68. El Salvador [sv]
69. Equatorial Guinea [gq]
70. Eritrea [er]
71. Estonia [ee]
72. Ethiopia [et]
73. Europe [eu]
74. Falkland Islands (Malvinas) [fk]
75. Faroe Islands [fo]
76. Fiji [fj]
77. Finland [fi]
78. France [fr]
79. French Guiana [gf]
80. French Polynesia [pf]
81. French Southern Territories [tf]
82. Gabon [ga]
83. Gambia [gm]
84. Georgia [ge]
85. Germany [de]
86. Ghana [gh]
87. Gibraltar [gi]
88. Greece [gr]
89. Greenland [gl]
90. Grenada [gd]
91. Guadeloupe [gp]
92. Guam [gu]
93. Guatemala [gt]
94. Guernsey [gg]
95. Guinea [gn]
96. Guinea-Bissau [gw]
97. Guyana [gy]
98. Haiti [ht]
99. Heard Island and McDonald Islands [hm]
100. Holy See (Vatican City State) [va]
101. Honduras [hn]
102. Hong Kong [hk]
103. Hungary [hu]
104. Iceland [is]
105. India [in]
106. Indonesia [id]
107. Iran, Islamic Republic of [ir]
108. Iraq [iq]
109. Ireland [ie]
110. Isle of Man [im]
111. Israel [il]
112. Italy [it]
113. Jamaica [jm]
114. Japan [jp]
115. Jersey [je]
116. Jordan [jo]
117. Kazakhstan [kz]
118. Kenya [ke]
119. Kiribati [ki]
120. Korea, Democratic People's Republic of [kp]
121. Korea, Republic of [kr]
122. Kuwait [kw]
123. Kyrgyzstan [kg]
124. Lao People's Democratic Republic [la]
125. Latvia [lv]
126. Lebanon [lb]
127. Lesotho [ls]
128. Liberia [lr]
129. Libyan Arab Jamahiriya [ly]
130. Liechtenstein [li]
131. Lithuania [lt]
132. Luxembourg [lu]
133. Macao [mo]
134. Macedonia [mk]
135. Madagascar [mg]
136. Malawi [mw]
137. Malaysia [my]
138. Maldives [mv]
139. Mali [ml]
140. Malta [mt]
141. Marshall Islands [mh]
142. Martinique [mq]
143. Mauritania [mr]
144. Mauritius [mu]
145. Mayotte [yt]
146. Mexico [mx]
147. Micronesia, Federated States of [fm]
148. Moldova, Republic of [md]
149. Monaco [mc]
150. Mongolia [mn]
151. Montenegro [me]
152. Montserrat [ms]
153. Morocco [ma]
154. Mozambique [mz]
155. Myanmar [mm]
156. Namibia [na]
157. Nauru [nr]
158. Nepal [np]
159. Netherlands [nl]
160. New Caledonia [nc]
161. New Zealand [nz]
162. Nicaragua [ni]
163. Niger [ne]
164. Nigeria [ng]
165. Niue [nu]
166. Norfolk Island [nf]
167. Northern Mariana Islands [mp]
168. Norway [no]
169. Oman [om]
170. Pakistan [pk]
171. Palau [pw]
172. Palestinian Territory [ps]
173. Panama [pa]
174. Papua New Guinea [pg]
175. Paraguay [py]
176. Peru [pe]
177. Philippines [ph]
178. Pitcairn [pn]
179. Poland [pl]
180. Portugal [pt]
181. Puerto Rico [pr]
182. Qatar [qa]
183. Reunion [re]
184. Romania [ro]
185. Russian Federation [ru]
186. Rwanda [rw]
187. Saint Bartelemey [bl]
188. Saint Helena [sh]
189. Saint Kitts and Nevis [kn]
190. Saint Lucia [lc]
191. Saint Martin [mf]
192. Saint Pierre and Miquelon [pm]
193. Saint Vincent and the Grenadines [vc]
194. Samoa [ws]
195. San Marino [sm]
196. Sao Tome and Principe [st]
197. Saudi Arabia [sa]
198. Senegal [sn]
199. Serbia [rs]
200. Seychelles [sc]
201. Sierra Leone [sl]
202. Singapore [sg]
203. Sint Maarten [sx]
204. Slovakia [sk]
205. Slovenia [si]
206. Solomon Islands [sb]
207. Somalia [so]
208. South Africa [za]
209. South Georgia and the South Sandwich Islands [gs]
210. South Sudan [ss]
211. Spain [es]
212. Sri Lanka [lk]
213. Sudan [sd]
214. Suriname [sr]
215. Svalbard and Jan Mayen [sj]
216. Swaziland [sz]
217. Sweden [se]
218. Switzerland [ch]
219. Syrian Arab Republic [sy]
220. Taiwan [tw]
221. Tajikistan [tj]
222. Tanzania, United Republic of [tz]
223. Thailand [th]
224. Timor-Leste [tl]
225. Togo [tg]
226. Tokelau [tk]
227. Tonga [to]
228. Trinidad and Tobago [tt]
229. Tunisia [tn]
230. Turkey [tr]
231. Turkmenistan [tm]
232. Turks and Caicos Islands [tc]
233. Tuvalu [tv]
234. Uganda [ug]
235. Ukraine [ua]
236. United Arab Emirates [ae]
237. United Kingdom [gb]
238. United States Minor Outlying Islands [um]
239. United States [us]
240. Uruguay [uy]
241. Uzbekistan [uz]
242. Vanuatu [vu]
243. Venezuela [ve]
244. Vietnam [vn]
245. Virgin Islands, British [vg]
246. Virgin Islands, U.S. [vi]
247. Wallis and Futuna [wf]
248. Western Sahara [eh]
249. Yemen [ye]
250. Zambia [zm]
251. Zimbabwe [zw]
Enter the indices separated by commas or specify the range.
[]>
Lembre-se de emitir o comando commit para salvar suas alterações.
Informações Relacionadas