58
Chapter4 Understanding the Email Pipeline
4-4
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
Table 4-2
Email Pipeline for the Cisco IronPort Appliance: Routing and Delivery Features
Work Queue
LDAP Recipient Acceptance
LDAP validation for recipient acceptance occurs
within the work queue. If the recipient is not found
in the LDAP directory, the message is dropped or
bounced. LDAP validation can be configured to
occur within the SMTP conversation instead.
Masquerading
or LDAP Masquerading
Masquerading occurs in the work queue; it rewrites
the Envelope Sender, To:, From:, and/or CC:
headers, from a static table or via an LDAP query.
LDAP Routing
LDAP queries are performed for message routing or
address rewriting. Group LDAP queries work in
conjunction with message filter rules
mail-from-group and rcpt-to-group.
Message Filters*
Message Filters are applied prior to message
“splintering.” * Can send messages to quarantines.
Safelist/Blocklist Scanning
AsyncOS checks the sender address against the end
user safelist/blocklist database. If the sender
address is safelisted, anti-spam scanning is skipped.
The message may be splintered if there are multiple
recipients. *Can send messages to quarantines if
sender is blocklisted.
Anti-Spam**
Email Security Manager Scanning (Per Recipient)
Anti-Spam scanning engine examines messages
and returns a verdict for further processing.
Anti-Virus*
Anti-Virus scanning examines messages for
viruses. Messages are scanned and optionally
repaired, if possible. * Can send messages to
quarantines.
Content Filters*
Content Filters are applied. DKIM, SPF, and SIDF
verification is performed if appropriate content
filter conditions are defined. * Can send messages
to quarantines.
Outbreak Filters*
The Outbreak Filters feature helps protect against
virus outbreaks, as well as new scam, phishing and
malware attacks. * Can send messages to
quarantines.
Data Loss Prevention (Outgoing
Messages Only)
RSA Email Data Loss prevention examines
outgoing messages for sensitive data. RSA Email
DLP is for outgoing messages only. * Can send
messages to quarantines.