소개
이 문서에서는 AsyncOS 11.0.0-264에 도입된 ESA(Email Security Appliance)에서 발신자 그룹을 사용하여 지리적 위치를 기반으로 이메일 서버를 블랙리스트에 추가하고 거부하는 방법에 대해 설명합니다.
사전 요구 사항
요구 사항
다음 주제에 대한 지식을 보유하고 있으면 유용합니다.
- Sender Group 및 HAT Overview 테이블의 ESA 컨피그레이션
참고: 자세한 내용은 ESA 사용 설명서 또는 ESA GUI의 온라인 도움말을 참조하십시오.
사용되는 구성 요소
이 문서의 정보는 다음 소프트웨어 및 하드웨어 버전을 기반으로 합니다.
- ESA, AsyncOS 11.0.0-264 이상을 실행하는 모든 하드웨어 및 가상 어플라이언스
이 문서의 정보는 특정 랩 환경의 디바이스를 토대로 작성되었습니다. 이 문서에 사용된 모든 디바이스는 초기화된(기본) 컨피그레이션으로 시작되었습니다. 현재 네트워크가 작동 중인 경우, 모든 명령어의 잠재적인 영향을 미리 숙지하시기 바랍니다.
설정
GUI에서
- Mail Policies(메일 정책) 탭을 클릭합니다.
- Host Access Table(호스트 액세스 테이블) 섹션에서 HAT Overview(HAT 개요),
- Listener(리스너) 드롭다운에서 컨피그레이션에 적합한 리스너가 현재 선택되어 있는지 확인합니다.
- 아래의 Sender Group(발신자 그룹) 열에서 BLACKLIST(블랙리스트)를 클릭합니다.
- Add Sender(발신자 추가) 버튼을 클릭합니다.
- Geolocation(지오로케이션) 옵션을 클릭합니다.
- BLACKLIST Sender Group에서 거부할 국가를 선택합니다.
항목 추가를 완료했으면 Submit(제출) 버튼을 클릭하고 Commit Changes(변경 커밋) 버튼을 클릭하여 변경 사항을 저장합니다.
CLI에서
msesa1.cisco.com> listenerconfig
Currently configured listeners:
1. IncomingMail (on Management, 10.106.36.187) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> edit
Enter the name or number of the listener you wish to edit.
[]> 1
Name: IncomingMail
Type: Public
Interface: Management (10.106.36.187/24) TCP Port 25
Protocol: SMTP
Default Domain:
Max Concurrent Connections: 300 (TCP Queue: 50)
Domain Map: Disabled
TLS: No
SMTP Authentication: Enabled with profile test
Bounce Profile: Default
Use SenderBase For Reputation Filters and IP Profiling: Yes
Footer: None
Heading: None
SMTP Call-Ahead: Disabled
LDAP: ldapaccept (test.accept)
Choose the operation you want to perform:
- NAME - Change the name of the listener.
- INTERFACE - Change the interface.
- CERTIFICATE - Choose the certificate.
- LIMITS - Change the injection limits.
- SETUP - Configure general options.
- HOSTACCESS - Modify the Host Access Table.
- RCPTACCESS - Modify the Recipient Access Table.
- BOUNCECONFIG - Choose the bounce profile to use for messages injected on this listener.
- MASQUERADE - Configure the Domain Masquerading Table.
- DOMAINMAP - Configure domain mappings.
- LDAPACCEPT - Configure an LDAP query to determine whether a recipient address should be accepted or bounced/dropped.
- SMTPAUTH - Configure an SMTP authentication.
[]> HOSTACCESS
Default Policy Parameters
==========================
Maximum Message Size: 10M
Maximum Number Of Concurrent Connections From A Single IP: 10
Maximum Number Of Messages Per Connection: 10
Maximum Number Of Recipients Per Message: 50
Directory Harvest Attack Prevention: Enabled
Maximum Number Of Invalid Recipients Per Hour: 25
Maximum Number Of Recipients Per Hour: Disabled
Maximum Number of Recipients per Envelope Sender: Disabled
Use SenderBase for Flow Control: Yes
Spam Detection Enabled: Yes
Virus Detection Enabled: Yes
Allow TLS Connections: No
Allow SMTP Authentication: No
Require TLS To Offer SMTP authentication: No
DKIM/DomainKeys Signing Enabled: No
DKIM Verification Enabled: No
S/MIME Public Key Harvesting Enabled: No
S/MIME Decryption/Verification Enabled: No
SPF/SIDF Verification Enabled: No
DMARC Verification Enabled: No
Envelope Sender DNS Verification Enabled: Yes
Domain Exception Table Enabled: No
Accept untagged bounces: No
There are currently 5 policies defined.
There are currently 6 sender groups.
Choose the operation you want to perform:
- NEW - Create a new entry.
- EDIT - Modify an entry.
- DELETE - Remove an entry.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- RESET - Remove senders and set policies to system default.
[]> edit
1. Edit Sender Group
2. Edit Policy
[1]> 1
Currently configured HAT sender groups:
1. RELAYLIST
2. WHITELIST (My trusted senders have no anti-spam scanning or rate limiting)
3. BLACKLIST (Spammers are rejected)
4. SUSPECTLIST (Suspicious senders are throttled)
5. UNKNOWNLIST (Reviewed but undecided, continue normal acceptance)
6. (no name, first host = ALL) (Everyone else)
Enter the sender group number or name you wish to edit.
[]> BLACKLIST
Choose the operation you want to perform:
- NEW - Add a new host.
- DELETE - Remove a host.
- MOVE - Reorder the hosts.
- COUNTRY - Add and delete countries.
- POLICY - Change the policy settings and options.
- PRINT - Display the current definition.
- RENAME - Rename this sender group.
[]> COUNTRY
Choose the operation you want to perform:
- ADD - Add countries
[]> ADD
1. Afghanistan [af]
2. Aland Islands [ax]
3. Albania [al]
4. Algeria [dz]
5. American Samoa [as]
6. Andorra [ad]
7. Angola [ao]
8. Anguilla [ai]
9. Antarctica [aq]
10. Antigua and Barbuda [ag]
11. Argentina [ar]
12. Armenia [am]
13. Aruba [aw]
14. Asia/Pacific Region [ap]
15. Australia [au]
16. Austria [at]
17. Azerbaijan [az]
18. Bahamas [bs]
19. Bahrain [bh]
20. Bangladesh [bd]
21. Barbados [bb]
22. Belarus [by]
23. Belgium [be]
24. Belize [bz]
25. Benin [bj]
26. Bermuda [bm]
27. Bhutan [bt]
28. Bolivia [bo]
29. Bonaire, Saint Eustatius and Saba [bq]
30. Bosnia and Herzegovina [ba]
31. Botswana [bw]
32. Bouvet Island [bv]
33. Brazil [br]
34. British Indian Ocean Territory [io]
35. Brunei Darussalam [bn]
36. Bulgaria [bg]
37. Burkina Faso [bf]
38. Burundi [bi]
39. Cambodia [kh]
40. Cameroon [cm]
41. Canada [ca]
42. Cape Verde [cv]
43. Cayman Islands [ky]
44. Central African Republic [cf]
45. Chad [td]
46. Chile [cl]
47. China [cn]
48. Christmas Island [cx]
49. Cocos (Keeling) Islands [cc]
50. Colombia [co]
51. Comoros [km]
52. Congo [cg]
53. Congo, The Democratic Republic of the [cd]
54. Cook Islands [ck]
55. Costa Rica [cr]
56. Cote d'Ivoire [ci]
57. Croatia [hr]
58. Cuba [cu]
59. Curacao [cw]
60. Cyprus [cy]
61. Czech Republic [cz]
62. Denmark [dk]
63. Djibouti [dj]
64. Dominica [dm]
65. Dominican Republic [do]
66. Ecuador [ec]
67. Egypt [eg]
68. El Salvador [sv]
69. Equatorial Guinea [gq]
70. Eritrea [er]
71. Estonia [ee]
72. Ethiopia [et]
73. Europe [eu]
74. Falkland Islands (Malvinas) [fk]
75. Faroe Islands [fo]
76. Fiji [fj]
77. Finland [fi]
78. France [fr]
79. French Guiana [gf]
80. French Polynesia [pf]
81. French Southern Territories [tf]
82. Gabon [ga]
83. Gambia [gm]
84. Georgia [ge]
85. Germany [de]
86. Ghana [gh]
87. Gibraltar [gi]
88. Greece [gr]
89. Greenland [gl]
90. Grenada [gd]
91. Guadeloupe [gp]
92. Guam [gu]
93. Guatemala [gt]
94. Guernsey [gg]
95. Guinea [gn]
96. Guinea-Bissau [gw]
97. Guyana [gy]
98. Haiti [ht]
99. Heard Island and McDonald Islands [hm]
100. Holy See (Vatican City State) [va]
101. Honduras [hn]
102. Hong Kong [hk]
103. Hungary [hu]
104. Iceland [is]
105. India [in]
106. Indonesia [id]
107. Iran, Islamic Republic of [ir]
108. Iraq [iq]
109. Ireland [ie]
110. Isle of Man [im]
111. Israel [il]
112. Italy [it]
113. Jamaica [jm]
114. Japan [jp]
115. Jersey [je]
116. Jordan [jo]
117. Kazakhstan [kz]
118. Kenya [ke]
119. Kiribati [ki]
120. Korea, Democratic People's Republic of [kp]
121. Korea, Republic of [kr]
122. Kuwait [kw]
123. Kyrgyzstan [kg]
124. Lao People's Democratic Republic [la]
125. Latvia [lv]
126. Lebanon [lb]
127. Lesotho [ls]
128. Liberia [lr]
129. Libyan Arab Jamahiriya [ly]
130. Liechtenstein [li]
131. Lithuania [lt]
132. Luxembourg [lu]
133. Macao [mo]
134. Macedonia [mk]
135. Madagascar [mg]
136. Malawi [mw]
137. Malaysia [my]
138. Maldives [mv]
139. Mali [ml]
140. Malta [mt]
141. Marshall Islands [mh]
142. Martinique [mq]
143. Mauritania [mr]
144. Mauritius [mu]
145. Mayotte [yt]
146. Mexico [mx]
147. Micronesia, Federated States of [fm]
148. Moldova, Republic of [md]
149. Monaco [mc]
150. Mongolia [mn]
151. Montenegro [me]
152. Montserrat [ms]
153. Morocco [ma]
154. Mozambique [mz]
155. Myanmar [mm]
156. Namibia [na]
157. Nauru [nr]
158. Nepal [np]
159. Netherlands [nl]
160. New Caledonia [nc]
161. New Zealand [nz]
162. Nicaragua [ni]
163. Niger [ne]
164. Nigeria [ng]
165. Niue [nu]
166. Norfolk Island [nf]
167. Northern Mariana Islands [mp]
168. Norway [no]
169. Oman [om]
170. Pakistan [pk]
171. Palau [pw]
172. Palestinian Territory [ps]
173. Panama [pa]
174. Papua New Guinea [pg]
175. Paraguay [py]
176. Peru [pe]
177. Philippines [ph]
178. Pitcairn [pn]
179. Poland [pl]
180. Portugal [pt]
181. Puerto Rico [pr]
182. Qatar [qa]
183. Reunion [re]
184. Romania [ro]
185. Russian Federation [ru]
186. Rwanda [rw]
187. Saint Bartelemey [bl]
188. Saint Helena [sh]
189. Saint Kitts and Nevis [kn]
190. Saint Lucia [lc]
191. Saint Martin [mf]
192. Saint Pierre and Miquelon [pm]
193. Saint Vincent and the Grenadines [vc]
194. Samoa [ws]
195. San Marino [sm]
196. Sao Tome and Principe [st]
197. Saudi Arabia [sa]
198. Senegal [sn]
199. Serbia [rs]
200. Seychelles [sc]
201. Sierra Leone [sl]
202. Singapore [sg]
203. Sint Maarten [sx]
204. Slovakia [sk]
205. Slovenia [si]
206. Solomon Islands [sb]
207. Somalia [so]
208. South Africa [za]
209. South Georgia and the South Sandwich Islands [gs]
210. South Sudan [ss]
211. Spain [es]
212. Sri Lanka [lk]
213. Sudan [sd]
214. Suriname [sr]
215. Svalbard and Jan Mayen [sj]
216. Swaziland [sz]
217. Sweden [se]
218. Switzerland [ch]
219. Syrian Arab Republic [sy]
220. Taiwan [tw]
221. Tajikistan [tj]
222. Tanzania, United Republic of [tz]
223. Thailand [th]
224. Timor-Leste [tl]
225. Togo [tg]
226. Tokelau [tk]
227. Tonga [to]
228. Trinidad and Tobago [tt]
229. Tunisia [tn]
230. Turkey [tr]
231. Turkmenistan [tm]
232. Turks and Caicos Islands [tc]
233. Tuvalu [tv]
234. Uganda [ug]
235. Ukraine [ua]
236. United Arab Emirates [ae]
237. United Kingdom [gb]
238. United States Minor Outlying Islands [um]
239. United States [us]
240. Uruguay [uy]
241. Uzbekistan [uz]
242. Vanuatu [vu]
243. Venezuela [ve]
244. Vietnam [vn]
245. Virgin Islands, British [vg]
246. Virgin Islands, U.S. [vi]
247. Wallis and Futuna [wf]
248. Western Sahara [eh]
249. Yemen [ye]
250. Zambia [zm]
251. Zimbabwe [zw]
Enter the indices separated by commas or specify the range.
[]>
반드시 commit 명령을 실행하여 변경 사항을 저장하십시오.
관련 정보
피드백