Cisco ASA Series Firewall CLI Configuration Guide
Chapter 7 Inspection of Basic Internet Protocols
SMTP and Extended SMTP Inspection
• match [not] header {length | line length} gt bytes—Matches messages where the length or length of a line in an ESMTP header is greater than the specified number of bytes.
• match [not] header to-fields count gt count—Matches messages where the number of To fields in the header is greater than the specified number.
• match [not] invalid-recipients count gt number—Matches messages where the number of invalid recipients is greater than the specified count.
• match [not] mime filetype regex {regex_name | class class_name}—Matches the MIME or media file type against the specified regular expression or regular expression class.
• match [not] mime filename length gt bytes—Matches messages where a file name is longer than the specified number of bytes.
• match [not] mime encoding type [type2 ...]—Matches the MIME encoding type. You can specify one or more of the following types: 7bit, 8bit, base64, binary, others, quoted-printable.
• match [not] sender-address regex {regex_name | class class_name}—Matches the sender email address against the specified regular expression or regular expression class.
• match [not] sender-address length gt bytes—Matches messages where the sender address is greater than the specified number of bytes.
b. Specify the action you want to perform on the matching traffic by entering the following command:
hostname(config-pmap-c)# {drop-connection [log] | mask [log] | reset [log] | log | rate-limit message_rate}
Not all options are available for each match command. See the CLI help or the command reference for the exact options available.
• The drop-connection keyword drops the packet and closes the connection.
• The mask keyword masks out the matching portion of the packet. This action is available for ehlo-reply-parameter and cmd verb only.
• The reset keyword drops the packet, closes the connection, and sends a TCP reset to the server and/or client.
• The log keyword, which you can use alone or with one of the other keywords, sends a system log message.
• The rate-limit message_rate argument limits the rate of messages. This option is available with cmd verb only, where you can use it as the only action, or you can use it in conjunction with the mask action.
You can specify multiple match commands in the policy map. For information about the order of match commands, see Defining Actions in an Inspection Policy Map, page 2-4.
Step 4 To configure parameters that affect the inspection engine, perform the following steps:
a. To enter parameters configuration mode, enter the following command:
hostname(config-pmap)# parameters
hostname(config-pmap-p)#
b. Set one or more parameters. You can set the following options; use the no form of the command to disable the option:
• mail-relay domain-name action {drop-connection [log] | log}—Identifies a domain name for mail relay. You can either drop the connection and optionally log it, or log it.
• mask-banner—Masks the banner from the ESMTP server.
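
The match criteria, actions and parameters above, combined into one ESMTP inspection policy map. This is an added example, not taken from the Cisco guide: the map name hardened_esmtp_map, the domain example.com and every threshold are constructed values to tune against your own mail flow. The map has no effect until an inspect esmtp command in a service policy references it.

```cisco
! Added example: map name, domain and thresholds are constructed values.
policy-map type inspect esmtp hardened_esmtp_map
 parameters
  ! Hide the ESMTP server banner from connecting clients.
  mask-banner
  ! Domain name for mail relay (constructed); drop the connection and log it.
  mail-relay example.com action drop-connection log
 ! Oversized header lines: RFC 5322 limits a line to 998 characters.
 match header line length gt 998
  drop-connection log
 ! Overlong sender addresses and attachment file names.
 match sender-address length gt 320
  drop-connection log
 match mime filename length gt 255
  drop-connection log
 ! Start the count-based criteria in log-only mode to measure the
 ! baseline before switching the action to drop-connection or reset.
 match invalid-recipients count gt 5
  log
 match header to-fields count gt 50
  log
```

Because not every action is accepted under every match command, confirm each pairing with the CLI help before deploying, and review the resulting system log messages before tightening a log-only criterion.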