簡介
本文檔介紹如何使用AsyncOS 11.0.0-264中介紹的郵件安全裝置(ESA)上的發件人組基於地理定位將郵件伺服器列入黑名單並拒絕該伺服器。
必要條件
需求
思科建議您瞭解以下主題:
註:有關詳細資訊,請參閱ESA使用手冊或ESA GUI的聯機幫助。
採用元件
本文中的資訊係根據以下軟體和硬體版本:
- 運行AsyncOS 11.0.0-264或更新版本的ESA、所有硬體和虛擬裝置
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路正在作用,請確保您已瞭解任何指令可能造成的影響。
組態
在GUI上
- 按一下Mail Policies頁籤。
- 在主機訪問表部分下,選擇HAT概述,
- 從監聽器下拉式清單中,確定目前為組態選取了正確的監聽器。
- 從下面的Sender Group列中,按一下BLACKLIST,
- 按一下Add Sender按鈕。
- 按一下Geolocation選項。
- 選擇要被黑名單發件人組拒絕的國家/地區。
增加完條目後,請按一下Submit按鈕並按一下Commit Changes按鈕以儲存更改。
從CLI
msesa1.cisco.com> listenerconfig
Currently configured listeners:
1. IncomingMail (on Management, 10.106.36.187) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> edit
Enter the name or number of the listener you wish to edit.
[]> 1
Name: IncomingMail
Type: Public
Interface: Management (10.106.36.187/24) TCP Port 25
Protocol: SMTP
Default Domain:
Max Concurrent Connections: 300 (TCP Queue: 50)
Domain Map: Disabled
TLS: No
SMTP Authentication: Enabled with profile test
Bounce Profile: Default
Use SenderBase For Reputation Filters and IP Profiling: Yes
Footer: None
Heading: None
SMTP Call-Ahead: Disabled
LDAP: ldapaccept (test.accept)
Choose the operation you want to perform:
- NAME - Change the name of the listener.
- INTERFACE - Change the interface.
- CERTIFICATE - Choose the certificate.
- LIMITS - Change the injection limits.
- SETUP - Configure general options.
- HOSTACCESS - Modify the Host Access Table.
- RCPTACCESS - Modify the Recipient Access Table.
- BOUNCECONFIG - Choose the bounce profile to use for messages injected on this listener.
- MASQUERADE - Configure the Domain Masquerading Table.
- DOMAINMAP - Configure domain mappings.
- LDAPACCEPT - Configure an LDAP query to determine whether a recipient address should be accepted or bounced/dropped.
- SMTPAUTH - Configure an SMTP authentication.
[]> HOSTACCESS
Default Policy Parameters
==========================
Maximum Message Size: 10M
Maximum Number Of Concurrent Connections From A Single IP: 10
Maximum Number Of Messages Per Connection: 10
Maximum Number Of Recipients Per Message: 50
Directory Harvest Attack Prevention: Enabled
Maximum Number Of Invalid Recipients Per Hour: 25
Maximum Number Of Recipients Per Hour: Disabled
Maximum Number of Recipients per Envelope Sender: Disabled
Use SenderBase for Flow Control: Yes
Spam Detection Enabled: Yes
Virus Detection Enabled: Yes
Allow TLS Connections: No
Allow SMTP Authentication: No
Require TLS To Offer SMTP authentication: No
DKIM/DomainKeys Signing Enabled: No
DKIM Verification Enabled: No
S/MIME Public Key Harvesting Enabled: No
S/MIME Decryption/Verification Enabled: No
SPF/SIDF Verification Enabled: No
DMARC Verification Enabled: No
Envelope Sender DNS Verification Enabled: Yes
Domain Exception Table Enabled: No
Accept untagged bounces: No
There are currently 5 policies defined.
There are currently 6 sender groups.
Choose the operation you want to perform:
- NEW - Create a new entry.
- EDIT - Modify an entry.
- DELETE - Remove an entry.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- RESET - Remove senders and set policies to system default.
[]> edit
1. Edit Sender Group
2. Edit Policy
[1]> 1
Currently configured HAT sender groups:
1. RELAYLIST
2. WHITELIST (My trusted senders have no anti-spam scanning or rate limiting)
3. BLACKLIST (Spammers are rejected)
4. SUSPECTLIST (Suspicious senders are throttled)
5. UNKNOWNLIST (Reviewed but undecided, continue normal acceptance)
6. (no name, first host = ALL) (Everyone else)
Enter the sender group number or name you wish to edit.
[]> BLACKLIST
Choose the operation you want to perform:
- NEW - Add a new host.
- DELETE - Remove a host.
- MOVE - Reorder the hosts.
- COUNTRY - Add and delete countries.
- POLICY - Change the policy settings and options.
- PRINT - Display the current definition.
- RENAME - Rename this sender group.
[]> COUNTRY
Choose the operation you want to perform:
- ADD - Add countries
[]> ADD
1. Afghanistan [af]
2. Aland Islands [ax]
3. Albania [al]
4. Algeria [dz]
5. American Samoa [as]
6. Andorra [ad]
7. Angola [ao]
8. Anguilla [ai]
9. Antarctica [aq]
10. Antigua and Barbuda [ag]
11. Argentina [ar]
12. Armenia [am]
13. Aruba [aw]
14. Asia/Pacific Region [ap]
15. Australia [au]
16. Austria [at]
17. Azerbaijan [az]
18. Bahamas [bs]
19. Bahrain [bh]
20. Bangladesh [bd]
21. Barbados [bb]
22. Belarus [by]
23. Belgium [be]
24. Belize [bz]
25. Benin [bj]
26. Bermuda [bm]
27. Bhutan [bt]
28. Bolivia [bo]
29. Bonaire, Saint Eustatius and Saba [bq]
30. Bosnia and Herzegovina [ba]
31. Botswana [bw]
32. Bouvet Island [bv]
33. Brazil [br]
34. British Indian Ocean Territory [io]
35. Brunei Darussalam [bn]
36. Bulgaria [bg]
37. Burkina Faso [bf]
38. Burundi [bi]
39. Cambodia [kh]
40. Cameroon [cm]
41. Canada [ca]
42. Cape Verde [cv]
43. Cayman Islands [ky]
44. Central African Republic [cf]
45. Chad [td]
46. Chile [cl]
47. China [cn]
48. Christmas Island [cx]
49. Cocos (Keeling) Islands [cc]
50. Colombia [co]
51. Comoros [km]
52. Congo [cg]
53. Congo, The Democratic Republic of the [cd]
54. Cook Islands [ck]
55. Costa Rica [cr]
56. Cote d'Ivoire [ci]
57. Croatia [hr]
58. Cuba [cu]
59. Curacao [cw]
60. Cyprus [cy]
61. Czech Republic [cz]
62. Denmark [dk]
63. Djibouti [dj]
64. Dominica [dm]
65. Dominican Republic [do]
66. Ecuador [ec]
67. Egypt [eg]
68. El Salvador [sv]
69. Equatorial Guinea [gq]
70. Eritrea [er]
71. Estonia [ee]
72. Ethiopia [et]
73. Europe [eu]
74. Falkland Islands (Malvinas) [fk]
75. Faroe Islands [fo]
76. Fiji [fj]
77. Finland [fi]
78. France [fr]
79. French Guiana [gf]
80. French Polynesia [pf]
81. French Southern Territories [tf]
82. Gabon [ga]
83. Gambia [gm]
84. Georgia [ge]
85. Germany [de]
86. Ghana [gh]
87. Gibraltar [gi]
88. Greece [gr]
89. Greenland [gl]
90. Grenada [gd]
91. Guadeloupe [gp]
92. Guam [gu]
93. Guatemala [gt]
94. Guernsey [gg]
95. Guinea [gn]
96. Guinea-Bissau [gw]
97. Guyana [gy]
98. Haiti [ht]
99. Heard Island and McDonald Islands [hm]
100. Holy See (Vatican City State) [va]
101. Honduras [hn]
102. Hong Kong [hk]
103. Hungary [hu]
104. Iceland [is]
105. India [in]
106. Indonesia [id]
107. Iran, Islamic Republic of [ir]
108. Iraq [iq]
109. Ireland [ie]
110. Isle of Man [im]
111. Israel [il]
112. Italy [it]
113. Jamaica [jm]
114. Japan [jp]
115. Jersey [je]
116. Jordan [jo]
117. Kazakhstan [kz]
118. Kenya [ke]
119. Kiribati [ki]
120. Korea, Democratic People's Republic of [kp]
121. Korea, Republic of [kr]
122. Kuwait [kw]
123. Kyrgyzstan [kg]
124. Lao People's Democratic Republic [la]
125. Latvia [lv]
126. Lebanon [lb]
127. Lesotho [ls]
128. Liberia [lr]
129. Libyan Arab Jamahiriya [ly]
130. Liechtenstein [li]
131. Lithuania [lt]
132. Luxembourg [lu]
133. Macao [mo]
134. Macedonia [mk]
135. Madagascar [mg]
136. Malawi [mw]
137. Malaysia [my]
138. Maldives [mv]
139. Mali [ml]
140. Malta [mt]
141. Marshall Islands [mh]
142. Martinique [mq]
143. Mauritania [mr]
144. Mauritius [mu]
145. Mayotte [yt]
146. Mexico [mx]
147. Micronesia, Federated States of [fm]
148. Moldova, Republic of [md]
149. Monaco [mc]
150. Mongolia [mn]
151. Montenegro [me]
152. Montserrat [ms]
153. Morocco [ma]
154. Mozambique [mz]
155. Myanmar [mm]
156. Namibia [na]
157. Nauru [nr]
158. Nepal [np]
159. Netherlands [nl]
160. New Caledonia [nc]
161. New Zealand [nz]
162. Nicaragua [ni]
163. Niger [ne]
164. Nigeria [ng]
165. Niue [nu]
166. Norfolk Island [nf]
167. Northern Mariana Islands [mp]
168. Norway [no]
169. Oman [om]
170. Pakistan [pk]
171. Palau [pw]
172. Palestinian Territory [ps]
173. Panama [pa]
174. Papua New Guinea [pg]
175. Paraguay [py]
176. Peru [pe]
177. Philippines [ph]
178. Pitcairn [pn]
179. Poland [pl]
180. Portugal [pt]
181. Puerto Rico [pr]
182. Qatar [qa]
183. Reunion [re]
184. Romania [ro]
185. Russian Federation [ru]
186. Rwanda [rw]
187. Saint Bartelemey [bl]
188. Saint Helena [sh]
189. Saint Kitts and Nevis [kn]
190. Saint Lucia [lc]
191. Saint Martin [mf]
192. Saint Pierre and Miquelon [pm]
193. Saint Vincent and the Grenadines [vc]
194. Samoa [ws]
195. San Marino [sm]
196. Sao Tome and Principe [st]
197. Saudi Arabia [sa]
198. Senegal [sn]
199. Serbia [rs]
200. Seychelles [sc]
201. Sierra Leone [sl]
202. Singapore [sg]
203. Sint Maarten [sx]
204. Slovakia [sk]
205. Slovenia [si]
206. Solomon Islands [sb]
207. Somalia [so]
208. South Africa [za]
209. South Georgia and the South Sandwich Islands [gs]
210. South Sudan [ss]
211. Spain [es]
212. Sri Lanka [lk]
213. Sudan [sd]
214. Suriname [sr]
215. Svalbard and Jan Mayen [sj]
216. Swaziland [sz]
217. Sweden [se]
218. Switzerland [ch]
219. Syrian Arab Republic [sy]
220. Taiwan [tw]
221. Tajikistan [tj]
222. Tanzania, United Republic of [tz]
223. Thailand [th]
224. Timor-Leste [tl]
225. Togo [tg]
226. Tokelau [tk]
227. Tonga [to]
228. Trinidad and Tobago [tt]
229. Tunisia [tn]
230. Turkey [tr]
231. Turkmenistan [tm]
232. Turks and Caicos Islands [tc]
233. Tuvalu [tv]
234. Uganda [ug]
235. Ukraine [ua]
236. United Arab Emirates [ae]
237. United Kingdom [gb]
238. United States Minor Outlying Islands [um]
239. United States [us]
240. Uruguay [uy]
241. Uzbekistan [uz]
242. Vanuatu [vu]
243. Venezuela [ve]
244. Vietnam [vn]
245. Virgin Islands, British [vg]
246. Virgin Islands, U.S. [vi]
247. Wallis and Futuna [wf]
248. Western Sahara [eh]
249. Yemen [ye]
250. Zambia [zm]
251. Zimbabwe [zw]
Enter the indices separated by commas or specify the range.
[]>
請記得發出commit命令以儲存更改。
相關資訊