Cisco 7604 Configuration Manual page 444
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
ESMTP Inspection
Where the drop-connection action closes the connection. The log action sends a system log
message when this policy map matches traffic.
To enforce banner obfuscation, enter the following command:
c.
hostname(config-pmap-p)# mask-banner
(Optional) To detect special characters in sender or receiver email addresses, enter the following
d.
command:
hostname(config-pmap-p)# special-character action [drop-connection | log]]
Using this command detects pipe (|), backquote (`) and null characters.
(Optional) To match the body length or body line length, enter the following command:
e.
hostname(config-pmap-p)# match body [line] length gt length
Where length is the length of the message body or the length of a line in the message body.
(Optional) To match an ESMTP command verb, enter the following command:
f.
hostname(config-pmap-p)# match cmd verb verb
Where verb is any of the following ESMTP commands:
AUTH|DATA|EHLO|ETRN||HELO|HELP|MAIL|NOOP|QUIT|RCPT|RSET|SAML|SOML|VRFY
g.
(Optional) To match the number of recipient addresses, enter the following command:
hostname(config-pmap-p)# match cmd RCPT count gt count
Where count is the number of recipient addresses.
(Optional) To match the command line length, enter the following command:
h.
hostname(config-pmap-p)# match cmd line length gt length
Where length is the command line length.
(Optional) To match the ehlo-reply-parameters, enter the following command:
i.
hostname(config-pmap-p)# match ehlo-reply-parameter extensions
Where extensions are the ESMTP service extensions sent by the server in response to the EHLO
message from the client. These extensions are implemented as a new command or as parameters to
an existing command. extensions can be any of the following.
8bitmime|binarymime|checkpoint|dsn|ecode|etrn|others|pipelining|size|vrfy
(Optional) To match the header length or header line length, enter the following command:
j.
hostname(config-pmap-p)# match header [line] length gt length
Where length is the number of characters in the header or line.
(Optional) To match the header to-fields count, enter the following command:
k.
hostname(config-pmap-p)# match header to-fields count gt count
Where count is the number of recipients in the to-field of the header.
(Optional) To match the number of invalid recipients, enter the following command:
l.
hostname(config-pmap-p)# match invalid-recipients count gt count
Where count is the number of invalid recipients.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
22-28
Chapter 22
Applying Application Layer Protocol Inspection
OL-20748-01
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
