User Guide
Contents
xv
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Setting Up Public Keys for Verifying Signed Messages 19-17
Enabling S/MIME Decryption and Verification 19-19
Configuring an Action for S/MIME Decrypted or Verified Message 19-20
S/MIME Certificate Requirements 19-20
Certificate Requirements for Signing 19-21
Certificate Requirements for Encryption 19-21
Exporting Public Keys 19-23
CHAPTER
20 Email Authentication 20-1
Email Authentication Overview 20-1
DomainKeys and DKIM Authentication 20-1
DomainKeys and DKIM Authentication Workflow 20-2
DomainKeys and DKIM Signing in AsyncOS 20-2
Configuring DomainKeys and DKIM Signing 20-3
Signing Keys 20-3
Public Keys 20-4
Domain Profiles 20-5
Enabling Signing for Outgoing Mail 20-6
Enabling Signing for Bounce and Delay Messages 20-6
Configuring DomainKeys/DKIM Signing (GUI) 20-7
Domain Keys and Logging 20-16
How to Verify Incoming Messages Using DKIM 20-16
DKIM Verification Checks Performed by AsyncOS 20-17
Managing DKIM Verification Profiles 20-17
Configuring DKIM Verification on the Mail Flow Policy 20-20
Configuring an Action for DKIM Verified Mail 20-21
Overview of SPF and SIDF Verification 20-22
How to Verify Incoming Messages Using SPF/SDIF 20-23
Enabling SPF and SIDF 20-24
Determining the Action to Take for SPF/SIDF Verified Mail 20-31
Verification Results 20-31
Using the spf-status Filter Rule in the CLI 20-32
spf-status Content Filter Rule in the GUI 20-33
Using the spf-passed Filter Rule 20-33
Testing the SPF/SIDF Results 20-34
Basic Granularity Test of SPF/SIDF Results 20-34
Greater Granularity Test of SPF/SIDF Results 20-34
DMARC Verification 20-35