cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
324
Views
5
Helpful
1
Replies
dappleby300
Beginner

How to implement a unknown domain catchall or rewrite

Hi All,

 

I am trying to setup an interface on a Cisco ESA which is for unauthenticated internal mail (SMTP) but has restrictions. I am trying to setup one of the two options;

 

Option 1 - Do not accept email when the sender domain is not from an approved list

Option 2 - If a email is submitted with a domain not in an approved list the sender is rewritten invalid-sender@example.org (MUST be DMARC compliant so that means MAIL FROM and body FROM)

I am struggling to find a way of implementing either options on the ESA. The Sender Verification Exception Table doesn't have a catch all reject function so that's not usable. Message filter I can't find a way of rewriting the body from and return path. Masquerading doesn't have a catch all.

 

Exchange had this functionality built in via ms-Exch-SMTP-Accept-Authoritative-Domain-Sender (https://docs.microsoft.com/en-us/exchange/receive-connector-permissions-exchange-2013-help). I'm after the same functionality.

 

Regards,

Daniel
 

1 REPLY 1
marc.luescherFRE
Enthusiast

For Option A i would create a dictionary called "Authorized_Domains"

add all domains in the dictionary including the @sign, one per line max 1500

then I would create an incoming  content sender looking if sender contains list  in dictionary then quarantine to a maybe "Unauthorized Domains" for checking.

 

For Option B you would also create a content filter checking for DMARC verdict in the SMTP header and then edit the header and replace it with whatever you want to have on field Sender:

Content for Community-Ad