Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
RonnieArrowECS
RonnieArrowECS
Community Member
‎03-31-2014 04:42 AM
‎03-31-2014 04:42 AM

Add partner to whitelist or create new incoming mail policy for partners

Hi all,

Quick question in regards to a IconPort C150 Appliance with AsyncOS 7.5

When partner send on behalf of our company and we have added their email servers to our SPF record in DNS. do we need to do something on IronPort too?

To my knowledge we are doing default anti spam checking and use bounce verification. Because of the bounce verification i am concerned when a partner email out to our customers making it look like it came from us. this will probably flag up as the bounce verification would have been involved.

So i wondered. is it as simple as just adding a partner to the HAT Overview > Whitelist or should i create a new Incoming Mail Policy?

Thanks in advance for the advice

Labels:
Everyone's tags (1)
0 Helpful
Reply
1 REPLY
Jacqueline Fleming
Jacqueline Fleming Cisco Employee
Cisco Employee
‎04-01-2014 10:08 AM
‎04-01-2014 10:08 AM

I understand you are

I understand you are conserned that Bounce Verification may affect your Partner's email.  This will depend on how the Envelope Sender is built:

 

- If they send as user@yourdomain.com: The emails will bounce back to your ESA, but those bounces will come from a variety of IPs.  The ESA will have no way of knowing they are related to your Partner.

There are workarounds using Filters & custom headers (example: http://tools.cisco.com/squish/Cd71E) , but you would need to know details about every mailing that your Partner was planning to send on your behalf so you could create those Filters in advance.

There is an exception to this situation: if the Partner sends all the messages to your ESA for delivery to the final Recipient. Bounce Verification will be tagged on these messages so your ESA can handle the bounces appropriately.

 

- If they send as yourorg@theirdomain.com: The bounces will go back to thier sever and be processed there.  This is considered 'best practice' as it allows the Partner to update their mailing lists; when bounces go to you, they get no feedback on thier mass mailings.

0 Helpful
Reply
Latest Documents
Snort IPS on ISR, ISRv and CSR - Step-By-Step Configuration
Created by Kureli Sankar on 04-19-2018 11:25 AM
0
0
0
0
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin... view more
Upgrade Chassis Manager (FXOS)
Created by Jeet Kumar on 02-23-2018 02:51 AM
2
15
2
15
    Login to the FXOS chassis manager. Direct your browser to https://hostname/, and log-in using the user-name and password.     Go to Help > About and check the current version:    Check the current version availa... view more
ASA 5506-X with ipv6 no access to internet
Created by Klaxel on 02-08-2018 01:25 AM
3
5
3
5
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6. In Syslog I also se... view more
All Documents
108
Views
0
Helpful
1
Replies
CreatePlease to create content
Discussion
Blog
Document
Video
Popular Blogs
AnyConnect Certificate Based Authentication.
Created by Marvin Ruiz on 08-27-2012 05:20 PM
36
70
36
70
BLOG (No Title)
Created by athukral on 06-14-2011 04:23 AM
15
35
15
35
Wireless Hacking
Created by Anim Saxena on 01-24-2013 07:56 AM
2
20
2
20
All Blogs