Cisco Cisco Email Security Appliance C690 User Guide
4-45
Cisco IronPort AsyncOS 7.5 for Email Daily Management Guide
OL-25138-01
Chapter 4 Quarantines
Configuring the IronPort Spam Quarantines Feature
have the server connect on the “Global Catalog port” (it is in the 6000s) and you
need to create a low privilege LDAP user that the IronPort Spam quarantine can
bind as in order to execute the search.
need to create a low privilege LDAP user that the IronPort Spam quarantine can
bind as in order to execute the search.
Step 3
The IronPort Spam quarantine then searches for the user using the specified
BaseDN and Query String. When a user’s LDAP record is found, the IronPort
Spam quarantine then extracts the DN for that record and attempts bind to the
directory using the user records’ DN and the password they entered originally. If
this password check succeeds then the user is properly authenticated, but the
IronPort Spam quarantine still needs to determine which mailboxes’ contents to
show for that user.
BaseDN and Query String. When a user’s LDAP record is found, the IronPort
Spam quarantine then extracts the DN for that record and attempts bind to the
directory using the user records’ DN and the password they entered originally. If
this password check succeeds then the user is properly authenticated, but the
IronPort Spam quarantine still needs to determine which mailboxes’ contents to
show for that user.
Step 4
Messages are stored in the IronPort Spam quarantine using the recipient's
envelope address. After a user's password is validated against LDAP, the IronPort
Spam quarantine then retrieves the “Primary Email Attribute” from the LDAP
record to determine which envelope address they should show quarantined
messages for. The “Primary Email Attribute” can contain multiple email
addresses which are then used to determine what envelope addresses should be
displayed from the quarantine for the authenticated user.
envelope address. After a user's password is validated against LDAP, the IronPort
Spam quarantine then retrieves the “Primary Email Attribute” from the LDAP
record to determine which envelope address they should show quarantined
messages for. The “Primary Email Attribute” can contain multiple email
addresses which are then used to determine what envelope addresses should be
displayed from the quarantine for the authenticated user.
IMAP/POP Authentication
The authentication process for IMAP/POP works like this:
Step 1
Depending on your mail server configuration, a user enters their username (
joe
)
or email address (
joe@example.com
) and password into the web UI login page.
You can modify the Login Page Message to tell your users whether they should
enter a full email address or just their username (see
enter a full email address or just their username (see
Step 2
The IronPort Spam quarantine connects to the IMAP or POP server and uses the
entered login (either username or email address) and password to try to log into
the IMAP/POP server. If the password is accepted then the user is considered
authenticated and the IronPort Spam quarantine immediately logs out of the
IMAP/POP server.
entered login (either username or email address) and password to try to log into
the IMAP/POP server. If the password is accepted then the user is considered
authenticated and the IronPort Spam quarantine immediately logs out of the
IMAP/POP server.
Step 3
Once the user is authenticated, the IronPort Spam Quarantine lists email for the
user, based on the email address:
user, based on the email address:
–
If you have configured the IronPort Spam quarantine to specify a domain
to append to bare usernames (like
to append to bare usernames (like
joe
), then this domain is appended and
that fully qualified email address is used to search for matching
envelopes in the quarantine.
envelopes in the quarantine.