Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ACE LAYER 7 SMTP

Dear Folks,

I'm trying to criate trafic policy based on the email domain. For that, I need to know the email domain address.

I will be able to know Layer 7 SMTP header and archive that?

3 REPLIES
Cisco Employee

ACE LAYER 7 SMTP

The problem which I see here is ACE cannot negotiate the initial handshake with SMTP. As it does with HTTP.

MAIL From: test@cisco.com

250 2.1.0 test@cisco.com... Sender ok << without this we cannot go to the next line. >>

And to match a domain we need RCPT To: test1@cisco.com   <<< This is what we like to match >>

For your scenerio it is not going to work.

The best you can do is to create different VIP for different domain.

Read about Configuring a Layer 7 Class Map for Generic TCP and UDP Data Parsing.

ACE LAYER 7 SMTP

Ok Ajay,

But, how my firewall will route emails to specific VIP without knows the domain?

Cisco Employee

ACE LAYER 7 SMTP

This is only possible if the traffic for different domain hit different public IP on the firewall.

In all the domain point to the same IP address then I dont think it is feasible at firewall level.

with regards,

Ajay Kumar

285
Views
0
Helpful
3
Replies
CreatePlease to create content