简介
本文档介绍如何使用AsyncOS 11.0.0-264中引入的邮件安全设备(ESA)上的发件人组根据地理位置将邮件服务器列入黑名单并拒绝该服务器。
先决条件
要求
Cisco 建议您了解以下主题:
注意:请参阅ESA用户指南或ESA GUI的在线帮助,了解更多详细信息。
使用的组件
本文档中的信息基于以下软件和硬件版本:
- ESA,运行AsyncOS 11.0.0-264或更新版本的所有硬件和虚拟设备
本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。
配置
从GUI
- 单击Mail Policies选项卡。
- 在主机访问表部分下,选择HAT概述,
- 从监听程序下拉列表中,确保当前为配置选择了正确的监听程序。
- 从下面的“发件人组”列中,单击黑名单,
- 单击Add Sender按钮。
- 单击Geolocation选项。
- 选择要被BLACKLIST发件人组拒绝的国家/地区。
添加完条目后,单击Submit按钮并单击Commit Changes按钮以保存更改。
从CLI
msesa1.cisco.com> listenerconfig
Currently configured listeners:
1. IncomingMail (on Management, 10.106.36.187) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> edit
Enter the name or number of the listener you wish to edit.
[]> 1
Name: IncomingMail
Type: Public
Interface: Management (10.106.36.187/24) TCP Port 25
Protocol: SMTP
Default Domain:
Max Concurrent Connections: 300 (TCP Queue: 50)
Domain Map: Disabled
TLS: No
SMTP Authentication: Enabled with profile test
Bounce Profile: Default
Use SenderBase For Reputation Filters and IP Profiling: Yes
Footer: None
Heading: None
SMTP Call-Ahead: Disabled
LDAP: ldapaccept (test.accept)
Choose the operation you want to perform:
- NAME - Change the name of the listener.
- INTERFACE - Change the interface.
- CERTIFICATE - Choose the certificate.
- LIMITS - Change the injection limits.
- SETUP - Configure general options.
- HOSTACCESS - Modify the Host Access Table.
- RCPTACCESS - Modify the Recipient Access Table.
- BOUNCECONFIG - Choose the bounce profile to use for messages injected on this listener.
- MASQUERADE - Configure the Domain Masquerading Table.
- DOMAINMAP - Configure domain mappings.
- LDAPACCEPT - Configure an LDAP query to determine whether a recipient address should be accepted or bounced/dropped.
- SMTPAUTH - Configure an SMTP authentication.
[]> HOSTACCESS
Default Policy Parameters
==========================
Maximum Message Size: 10M
Maximum Number Of Concurrent Connections From A Single IP: 10
Maximum Number Of Messages Per Connection: 10
Maximum Number Of Recipients Per Message: 50
Directory Harvest Attack Prevention: Enabled
Maximum Number Of Invalid Recipients Per Hour: 25
Maximum Number Of Recipients Per Hour: Disabled
Maximum Number of Recipients per Envelope Sender: Disabled
Use SenderBase for Flow Control: Yes
Spam Detection Enabled: Yes
Virus Detection Enabled: Yes
Allow TLS Connections: No
Allow SMTP Authentication: No
Require TLS To Offer SMTP authentication: No
DKIM/DomainKeys Signing Enabled: No
DKIM Verification Enabled: No
S/MIME Public Key Harvesting Enabled: No
S/MIME Decryption/Verification Enabled: No
SPF/SIDF Verification Enabled: No
DMARC Verification Enabled: No
Envelope Sender DNS Verification Enabled: Yes
Domain Exception Table Enabled: No
Accept untagged bounces: No
There are currently 5 policies defined.
There are currently 6 sender groups.
Choose the operation you want to perform:
- NEW - Create a new entry.
- EDIT - Modify an entry.
- DELETE - Remove an entry.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- RESET - Remove senders and set policies to system default.
[]> edit
1. Edit Sender Group
2. Edit Policy
[1]> 1
Currently configured HAT sender groups:
1. RELAYLIST
2. WHITELIST (My trusted senders have no anti-spam scanning or rate limiting)
3. BLACKLIST (Spammers are rejected)
4. SUSPECTLIST (Suspicious senders are throttled)
5. UNKNOWNLIST (Reviewed but undecided, continue normal acceptance)
6. (no name, first host = ALL) (Everyone else)
Enter the sender group number or name you wish to edit.
[]> BLACKLIST
Choose the operation you want to perform:
- NEW - Add a new host.
- DELETE - Remove a host.
- MOVE - Reorder the hosts.
- COUNTRY - Add and delete countries.
- POLICY - Change the policy settings and options.
- PRINT - Display the current definition.
- RENAME - Rename this sender group.
[]> COUNTRY
Choose the operation you want to perform:
- ADD - Add countries
[]> ADD
1. Afghanistan [af]
2. Aland Islands [ax]
3. Albania [al]
4. Algeria [dz]
5. American Samoa [as]
6. Andorra [ad]
7. Angola [ao]
8. Anguilla [ai]
9. Antarctica [aq]
10. Antigua and Barbuda [ag]
11. Argentina [ar]
12. Armenia [am]
13. Aruba [aw]
14. Asia/Pacific Region [ap]
15. Australia [au]
16. Austria [at]
17. Azerbaijan [az]
18. Bahamas [bs]
19. Bahrain [bh]
20. Bangladesh [bd]
21. Barbados [bb]
22. Belarus [by]
23. Belgium [be]
24. Belize [bz]
25. Benin [bj]
26. Bermuda [bm]
27. Bhutan [bt]
28. Bolivia [bo]
29. Bonaire, Saint Eustatius and Saba [bq]
30. Bosnia and Herzegovina [ba]
31. Botswana [bw]
32. Bouvet Island [bv]
33. Brazil [br]
34. British Indian Ocean Territory [io]
35. Brunei Darussalam [bn]
36. Bulgaria [bg]
37. Burkina Faso [bf]
38. Burundi [bi]
39. Cambodia [kh]
40. Cameroon [cm]
41. Canada [ca]
42. Cape Verde [cv]
43. Cayman Islands [ky]
44. Central African Republic [cf]
45. Chad [td]
46. Chile [cl]
47. China [cn]
48. Christmas Island [cx]
49. Cocos (Keeling) Islands [cc]
50. Colombia [co]
51. Comoros [km]
52. Congo [cg]
53. Congo, The Democratic Republic of the [cd]
54. Cook Islands [ck]
55. Costa Rica [cr]
56. Cote d'Ivoire [ci]
57. Croatia [hr]
58. Cuba [cu]
59. Curacao [cw]
60. Cyprus [cy]
61. Czech Republic [cz]
62. Denmark [dk]
63. Djibouti [dj]
64. Dominica [dm]
65. Dominican Republic [do]
66. Ecuador [ec]
67. Egypt [eg]
68. El Salvador [sv]
69. Equatorial Guinea [gq]
70. Eritrea [er]
71. Estonia [ee]
72. Ethiopia [et]
73. Europe [eu]
74. Falkland Islands (Malvinas) [fk]
75. Faroe Islands [fo]
76. Fiji [fj]
77. Finland [fi]
78. France [fr]
79. French Guiana [gf]
80. French Polynesia [pf]
81. French Southern Territories [tf]
82. Gabon [ga]
83. Gambia [gm]
84. Georgia [ge]
85. Germany [de]
86. Ghana [gh]
87. Gibraltar [gi]
88. Greece [gr]
89. Greenland [gl]
90. Grenada [gd]
91. Guadeloupe [gp]
92. Guam [gu]
93. Guatemala [gt]
94. Guernsey [gg]
95. Guinea [gn]
96. Guinea-Bissau [gw]
97. Guyana [gy]
98. Haiti [ht]
99. Heard Island and McDonald Islands [hm]
100. Holy See (Vatican City State) [va]
101. Honduras [hn]
102. Hong Kong [hk]
103. Hungary [hu]
104. Iceland [is]
105. India [in]
106. Indonesia [id]
107. Iran, Islamic Republic of [ir]
108. Iraq [iq]
109. Ireland [ie]
110. Isle of Man [im]
111. Israel [il]
112. Italy [it]
113. Jamaica [jm]
114. Japan [jp]
115. Jersey [je]
116. Jordan [jo]
117. Kazakhstan [kz]
118. Kenya [ke]
119. Kiribati [ki]
120. Korea, Democratic People's Republic of [kp]
121. Korea, Republic of [kr]
122. Kuwait [kw]
123. Kyrgyzstan [kg]
124. Lao People's Democratic Republic [la]
125. Latvia [lv]
126. Lebanon [lb]
127. Lesotho [ls]
128. Liberia [lr]
129. Libyan Arab Jamahiriya [ly]
130. Liechtenstein [li]
131. Lithuania [lt]
132. Luxembourg [lu]
133. Macao [mo]
134. Macedonia [mk]
135. Madagascar [mg]
136. Malawi [mw]
137. Malaysia [my]
138. Maldives [mv]
139. Mali [ml]
140. Malta [mt]
141. Marshall Islands [mh]
142. Martinique [mq]
143. Mauritania [mr]
144. Mauritius [mu]
145. Mayotte [yt]
146. Mexico [mx]
147. Micronesia, Federated States of [fm]
148. Moldova, Republic of [md]
149. Monaco [mc]
150. Mongolia [mn]
151. Montenegro [me]
152. Montserrat [ms]
153. Morocco [ma]
154. Mozambique [mz]
155. Myanmar [mm]
156. Namibia [na]
157. Nauru [nr]
158. Nepal [np]
159. Netherlands [nl]
160. New Caledonia [nc]
161. New Zealand [nz]
162. Nicaragua [ni]
163. Niger [ne]
164. Nigeria [ng]
165. Niue [nu]
166. Norfolk Island [nf]
167. Northern Mariana Islands [mp]
168. Norway [no]
169. Oman [om]
170. Pakistan [pk]
171. Palau [pw]
172. Palestinian Territory [ps]
173. Panama [pa]
174. Papua New Guinea [pg]
175. Paraguay [py]
176. Peru [pe]
177. Philippines [ph]
178. Pitcairn [pn]
179. Poland [pl]
180. Portugal [pt]
181. Puerto Rico [pr]
182. Qatar [qa]
183. Reunion [re]
184. Romania [ro]
185. Russian Federation [ru]
186. Rwanda [rw]
187. Saint Bartelemey [bl]
188. Saint Helena [sh]
189. Saint Kitts and Nevis [kn]
190. Saint Lucia [lc]
191. Saint Martin [mf]
192. Saint Pierre and Miquelon [pm]
193. Saint Vincent and the Grenadines [vc]
194. Samoa [ws]
195. San Marino [sm]
196. Sao Tome and Principe [st]
197. Saudi Arabia [sa]
198. Senegal [sn]
199. Serbia [rs]
200. Seychelles [sc]
201. Sierra Leone [sl]
202. Singapore [sg]
203. Sint Maarten [sx]
204. Slovakia [sk]
205. Slovenia [si]
206. Solomon Islands [sb]
207. Somalia [so]
208. South Africa [za]
209. South Georgia and the South Sandwich Islands [gs]
210. South Sudan [ss]
211. Spain [es]
212. Sri Lanka [lk]
213. Sudan [sd]
214. Suriname [sr]
215. Svalbard and Jan Mayen [sj]
216. Swaziland [sz]
217. Sweden [se]
218. Switzerland [ch]
219. Syrian Arab Republic [sy]
220. Taiwan [tw]
221. Tajikistan [tj]
222. Tanzania, United Republic of [tz]
223. Thailand [th]
224. Timor-Leste [tl]
225. Togo [tg]
226. Tokelau [tk]
227. Tonga [to]
228. Trinidad and Tobago [tt]
229. Tunisia [tn]
230. Turkey [tr]
231. Turkmenistan [tm]
232. Turks and Caicos Islands [tc]
233. Tuvalu [tv]
234. Uganda [ug]
235. Ukraine [ua]
236. United Arab Emirates [ae]
237. United Kingdom [gb]
238. United States Minor Outlying Islands [um]
239. United States [us]
240. Uruguay [uy]
241. Uzbekistan [uz]
242. Vanuatu [vu]
243. Venezuela [ve]
244. Vietnam [vn]
245. Virgin Islands, British [vg]
246. Virgin Islands, U.S. [vi]
247. Wallis and Futuna [wf]
248. Western Sahara [eh]
249. Yemen [ye]
250. Zambia [zm]
251. Zimbabwe [zw]
Enter the indices separated by commas or specify the range.
[]>
请记得发出commit命令以保存更改。
相关信息