Chapter4 Understanding the Email Pipeline
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
Email Pipeline for the Cisco IronPort Appliance: Routing and Delivery Features
LDAP Recipient Acceptance
LDAP validation for recipient acceptance occurs
within the work queue. If the recipient is not found
in the LDAP directory, the message is dropped or
bounced. LDAP validation can be configured to
occur within the SMTP conversation instead.
or LDAP Masquerading
Masquerading occurs in the work queue; it rewrites
the Envelope Sender, To:, From:, and/or CC:
headers, from a static table or via an LDAP query.
LDAP queries are performed for message routing or
address rewriting. Group LDAP queries work in
conjunction with message filter rules
mail-from-group and rcpt-to-group.
Message Filters are applied prior to message
“splintering.” * Can send messages to quarantines.
AsyncOS checks the sender address against the end
user safelist/blocklist database. If the sender
address is safelisted, anti-spam scanning is skipped.
The message may be splintered if there are multiple
recipients. *Can send messages to quarantines if
sender is blocklisted.
Email Security Manager Scanning (Per Recipient)
Anti-Spam scanning engine examines messages
and returns a verdict for further processing.
Anti-Virus scanning examines messages for
viruses. Messages are scanned and optionally
repaired, if possible. * Can send messages to
Content Filters are applied. DKIM, SPF, and SIDF
verification is performed if appropriate content
filter conditions are defined. * Can send messages
The Outbreak Filters feature helps protect against
virus outbreaks, as well as new scam, phishing and
malware attacks. * Can send messages to
Data Loss Prevention (Outgoing
RSA Email Data Loss prevention examines
outgoing messages for sensitive data. RSA Email
DLP is for outgoing messages only. * Can send
messages to quarantines.