安全 : Cisco IronPort Email 安全设备

什么数据如何发送对SenderBase和这禁用?

2016 年 10 月 24 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 8 月 22 日) | 反馈

简介

本文描述什么数据从电子邮件安全工具(ESA)发送对SenderBase,当SenderBase网络参与启用时。

贡献用Nasir Shakour和恩里科沃纳, Cisco TAC工程师。

当SenderBase网络参与启用时,什么数据发送对SenderBase ?

ESA能参加SenderBase用几个不同的方式,包括获取SenderBase分数和提供关于附件和电子邮件音量的SenderBase信息。

SenderBase斯克尔检索信息描述

SBRS分数由DNS查询获取。有SBRS启用在监听程序级别CLI的任何SMTP监听程序:listenerconfig > Edit >设置将查询SenderBase服务器关于根据他们的IP地址的电子邮件发送方的信息。这些查询透露关于您的公司的几件事对SenderBase。由于SenderBase DNS数据只供给Cisco用户, SenderBase查询包括一部分的您的系统序列号。另外,因为SenderBase查询询问特定IP地址,查询透露某些IP地址连接对您的ESA。 到/从关于SBRS分数的SenderBase发送的信息没有加密。

您能避免透露此信息到SenderBase由根据每听众基本类型的禁用的SenderBase查询。这在ESA的CLI可能只执行如下所示。

注意:默认情况下SenderBase查询在每监听程序启用,即使您不在任何发送方组中使用他们。

如下所示的CLI对话提供示例您如何能禁用发送SenderBase查询:

mail.example.com> listenerconfig

    Currently configured listeners:
    1. InboundMail (on Data 2, 192.168.195.101) SMTP TCP Port 25 Public
    2. OutboundMail (on Data 1, 172.20.0.101) SMTP TCP Port 25 Private

    Choose the operation you want to perform:
    - NEW - Create a new listener.
    - EDIT - Modify a listener.
    - DELETE - Remove a listener.
    - SETUP - Change global settings.
    []> EDIT

    Enter the name or number of the listener you wish to edit.
    []> 1

    Name: InboundMail
    Type: Public
    Interface: Data 2 (192.168.195.101/24) TCP Port 25
    Protocol: SMTP
    Default Domain:
    Max Concurrency: 50 (TCP Queue: 50)
    Domain Map: Disabled
    TLS: No
    SMTP Authentication: Enabled
    Bounce Profile: Default
    Use SenderBase For Reputation Filters and IP Profiling: Yes
    Footer: None
    LDAP: smtpauth (PublicLDAP.smtpauth)

    Choose the operation you want to perform:
    - NAME - Change the name of the listener.
    - INTERFACE - Change the interface.
    - LIMITS - Change the injection limits.
    - SETUP - Configure general options.
    - HOSTACCESS - Modify the Host Access Table.
    - RCPTACCESS - Modify the Recipient Access Table.
    - BOUNCECONFIG - Choose the bounce profile to use for messages injected
on this listener.
    - MASQUERADE - Configure the Domain Masquerading Table.
    - DOMAINMAP - Configure domain mappings.
    - LDAPACCEPT - Configure an LDAP query to determine whether a recipient
address should be accepted or bounced/dropped.
    - SMTPAUTH - Configure an SMTP authentication.
    []> SETUP

    Listener InboundMail Options

    Default Domain: example.com
    Add "Received:" Header: Yes
    Clean messages of bare CR/LF: Yes
    Enable SenderBase Reputation Filters and IP Profiling: Yes
    SenderBase query timeout: 5
    SenderBase per-connection timeout: 20
    Footer Attachment: <none configured>
    Address Parser Type: Loose

    Choose the operation you want to perform:
    - DEFAULTDOMAIN - Configure a default domain name.
    - RECEIVED - Set whether or not a Received: header is added.
    - CLEANSMTP - Set whether or not to repair bare CR and LF in messages.
    - SENDERBASE - Set SenderBase options.
    - FOOTER - Configure to add a footer to every message.
    - ADDRESS - Configure email address restrictions.
    []> SENDERBASE

    Would you like to enable SenderBase Reputation Filters and IP Profiling
    support? [Y]> N

    Listener InboundMail Options

    Default Domain: example.com
    Add "Received:" Header: Yes
    Clean messages of bare CR/LF: Yes
    Enable SenderBase Reputation Filters and IP Profiling: No
    Footer Attachment: <none configured>
    Address Parser Type: Loose

    mail.example.com> commit

SenderBase数据描述

ESA能特定发送其他信息到SenderBase为改善在威胁检测和邮件容积变化的响应时间的目的。思科认为保密性对您是重要,因此SenderBase在头脑里设计并且操作与您的保密性的保护。SenderBase不收集单个识别消息的信息或收件人和所有信息关于您的网络由Cisco.You对待机要地能启用或禁用发送信息对SenderBase在GUI或在CLI内。要控制SenderBase参与GUI,请选择安全服务> SenderBase。以下CLI示例显示禁用SenderBase信息分享:

mail.example.com> senderbaseconfig
Share statistical data with SenderBase: Enabled

Choose the operation you want to perform:
- SETUP - Configure SenderBase Network Participation settings
[]> setup

Do you want to share statistical data with the SenderBase Information Service
(recommended)? [Y]> n

The system will no longer share data with SenderBase. Are you sure you want to
disable? [N]> y

Share statistics with SenderBase Information Service: Disabled

Choose the operation you want to perform:
- SETUP - Configure SenderBase Network Participation settings
[]>

mail.example.com> commit

相关信息



Document ID: 118408