Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1714
Views
5
Helpful
1
Replies

Virtual ESA

fahad.razzaq
Level 1
Level 1

‎04-22-2016 01:46 AM

Hi All,

i am new in security and going to deploy Virtual Email Security Appliance but little confuse about HAT and RAT

example i need to allow following domain form outside

allow domains from outside

amazon.com

smith@amazon.com

block domains :

animating.com

Block IP :

10.10.10.10

please explain about HAT AND RAT 

thanks in advance

Thanks

Fahad

Labels:
0 Helpful
1 Reply 1

Rehan Latif
Cisco Employee
Cisco Employee

‎04-22-2016 05:53 PM

Hi Fahad,

Here is a section of User guide explaining both:

Overview of the Recipient Access Table (RAT)

The Recipient Access Table defines which recipients are accepted by a public listener. At a minimum, the table specifies the address and whether to accept or reject it.

The Recipient Access Table (RAT) page shows a listing of the entries in the RAT including the order, default action, and whether or not the entry has been configured to bypass LDAP accept queries.

Host Access Table (HAT), Sender Groups, and Mail Flow Policies

The HAT allows you to specify hosts that are allowed to connect to a listener (that is, which hosts you will allow to send email).

Sender Groups are used to associate one or more senders into groups, upon which you can apply message filters, and other Mail Flow Policies. Mail Flow Policies are a way of expressing a group of HAT parameters (access rule, followed by rate limit parameters and custom SMTP codes and responses).

Together, sender groups and mail flow policies are defined in a listener’s HAT.

Host DNS verification settings for sender groups allow you to classify unverified senders prior to the SMTP conversation and include different types of unverified senders in your various sender groups.

While the connecting host was subject to Host DNS verification in sender groups — prior to the SMTP conversation — the domain portion of the envelope sender is DNS verified in mail flow policies, and the verification takes place during the SMTP conversation. Messages with malformed envelope senders can be ignored. You can add entries to the Sender Verification Exception Table — a list of domains and email addresses from which to accept or reject mail despite envelope sender DNS verification settings.

Sender reputation filtering allows you to classify email senders and restrict access to your email infrastructure based on sender’s trustworthiness as determined by the Cisco SenderBase Reputation Service.

The user guide is also available on appliances under:

GUI -> Help and Support -> Online Help

Regards,

Rehan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents