cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1432
Views
0
Helpful
16
Replies
Highlighted
Beginner

Thanks Matthew, This is

Thanks Matthew,

 

This is really very helpful.

Highlighted
Cisco Employee

This may be a generalization

This may be a generalization.


But I imagine if a mail server enters into the ESA device, the ESA will do a Forward and Reverse DNS lookup to verify the mail server.


While it may not match your complete requirement of abc@test.com having mail.test.com, many verified servers would have their mail servers matching the domain (unless they're a hosted service) so you can use sendergroup matching to filter unverified senders (hosts which connect with no valid PTR/A record attached) to be throttled or dropped at the source if it fits your criteria -- i personally wouldn't drop such connections but would only throttle .

 

However with content filters, you will not be able to make the system check MX records against the sender domain;

 

SPF like Jernej suggested will allow some tests, but like you've noticed as well -- there are many servers which do not have SPF TXT records properly published -- but generally should have verified DNS settings.