Exam 350-701 topic 1 question 658 discussion

The HAT maintains a set of rules that control incoming connections from remote hosts for a listener. Every configured listener has its own HAT. You configure HATs for both public and private listeners. By default, the HAT is defined to take different actions depending on the listener type: Public listeners. The HAT is set to accept email from all hosts. Private listeners. The HAT is set up to relay email from the host(s) you specify, and reject all other hosts. You can define the way in which remote hosts attempt to connect to a listener. You group remote host definitions into sender groups. A sender group is a list of remote hosts defined for the purpose of handling email from those senders in the same way. https://www.cisco.com/c/en/us/td/docs/security/esa/esa15-5-1/user_guide/b_ESA_Admin_Guide_15-5-1/b_ESA_Admin_Guide_12_1_chapter_0110.html

-Public: We need public listener for incoming email, in other word ESA listens, controls and receives connection from external hosts or domains. Who is sending email for US. The control of these connection is based on HAT (Host Access Table) A HAT is a sender group that decides which mail policy will process the mail. If the Mail Policy associated to this HAT is defined with an Action: ACCEPT “Connection Behavior”, this means that this is for incoming mail. ESA applies an incoming mail policy with a bunch inspection engine. -Private: We need private listener for outgoing mail, in other words, we need to route email sent from your internal domain to external hosts. If the Mail Policy associated to this HAT is defined with an Action: RELAY “Connection Behavior” and the sender IP internal SMTP server. This means that this is for outgoing mail. ESA applies an outgoing mail policy with a bunch inspection engine.

https://community.cisco.com/t5/security-blogs/cisco-esa-rat-hat-and-mail-flow-policy-simplified/ba-p/4453226 https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118136-qanda-esa-00.html