11-56
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 11 Configuring Inspection of Basic Internet Protocols
SMTP and Extended SMTP Inspection
Drop Connections if command line length is greater than 512
Drop Connections if command recipient count is greater than 100
Drop Connections if body line length is greater than 1000
Drop Connections if sender address length is greater than 320
Drop Connections if MIME file name length is greater than 255
–
High
Obfuscate Server Banner
Drop Connections if command line length is greater than 512
Drop Connections if command recipient count is greater than 100
Drop Connections if body line length is greater than 1000
Drop Connections and log if sender address length is greater than 320
Drop Connections and log if MIME file name length is greater than 255
–
MIME File Type Filtering—Opens the MIME Type Filtering dialog box to configure MIME file
type filters.
–
Default Level—Sets the security level back to the default level of Low.
• Details—Shows the Parameters and Inspections tabs to configure additional settings.
Add/Edit ESMTP Policy Map (Details)
The Add/Edit ESMTP Policy Map (Details) dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps > ESMTP > ESMTP Inspect Map > Advanced
View
The Add/Edit ESMTP Policy Map pane lets you configure the security level and additional settings for
ESMTP application inspection maps.
Fields
• Name—When adding an ESMTP map, enter the name of the ESMTP map. When editing an ESMTP
map, the name of the previously configured ESMTP map is shown.
• Description—Enter the description of the ESMTP map, up to 200 characters in length.
• Security Level—Shows the security level and mime file type filtering settings to configure.
• Parameters—Tab that lets you configure the parameters for the ESMTP inspect map.
–
Mask server banner—Enforces banner obfuscation.
–
Configure Mail Relay—Enables ESMTP mail relay.
Domain Name—Specifies a local domain.
Action—Drop connection or log.
Log—Enable or disable.
• Inspections—Tab that shows you the ESMTP inspection configuration and lets you add or edit.
–
Match Type—Shows the match type, which can be a positive or negative match.
–
Criterion—Shows the criterion of the ESMTP inspection.
–
Value—Shows the value to match in the ESMTP inspection.