Cisco Email Security Appliance C680 User Guide

Chapter 3      LDAP Queries
3-164
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
Understanding How LDAP Works with AsyncOS
When you work with LDAP directories, the IronPort appliance can be used in 
conjunction with an LDAP directory server to accept recipients, route messages, 
and/or masquerade headers. LDAP group queries can also be used in conjunction 
with message filters to create rules for handling messages as they are received by 
the IronPort appliance.
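To illustrate the recipient-acceptance use of LDAP named above, the following added example (not from the Cisco guide and not AsyncOS code) models the lookup in Python against a constructed in-memory directory under DC=example,DC=com. The mail attribute, the sample entries, the reply strings and all function names are assumptions; because the recipient address comes from the sending MTA, the sketch escapes it per RFC 4515 before it enters the search filter.

```python
import re

# Constructed sample entries under the base DN shown in Figure 3-1.
DIRECTORY = [
    {"dn": "CN=Alice,OU=Staff,DC=example,DC=com", "mail": ["alice@example.com"]},
    {"dn": "CN=Ops,OU=Lists,DC=example,DC=com",
     "mail": ["ops@example.com", "noc@example.com"]},
]

# RFC 4515 escapes for characters that are special inside a search filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape an untrusted value before it is placed in an LDAP filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def accept_filter(rcpt, attribute="mail"):
    """Build the equality filter for one RCPT TO address (attribute is assumed)."""
    return "(%s=%s)" % (attribute, escape_filter_value(rcpt))


def _unescape(text):
    """Turn \\xx escapes back into the characters they stand for."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), text)


def matches(filter_str, entry):
    """Evaluate one (attr=value) filter; an unescaped * acts as a wildcard."""
    attr, _, value = filter_str[1:-1].partition("=")
    parts = [re.escape(_unescape(p)) for p in value.split("*")]
    pattern = re.compile(".*".join(parts), re.IGNORECASE)
    return any(pattern.fullmatch(v) for v in entry.get(attr, []))


def rcpt_decision(rcpt, directory=DIRECTORY):
    """RCPT TO arrives (step 1), directory is searched (2), result decides (3)."""
    query = accept_filter(rcpt)
    hits = [e["dn"] for e in directory if matches(query, e)]
    reply = "250 recipient ok" if hits else "550 unknown recipient"  # illustrative
    return reply, hits


if __name__ == "__main__":
    for rcpt in ("alice@example.com", "NOC@example.com", "*@example.com"):
        print(rcpt, "->", rcpt_decision(rcpt))
```

Without the escaping step, the address *@example.com would become a substring filter and match every entry in the domain; escaped, it is compared literally and the recipient is rejected.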
Figure 3-1 demonstrates how the IronPort appliance works with LDAP:
Figure 3-1 LDAP Configuration
[Diagram labels: Sending MTA; Firewall; IronPort appliance with LDAP enabled (listener A, SMTP HELO); LDAP directory DC=example,DC=com. Arrows are numbered 1 to 3. Directory data shown: recipient email address (local), mailhost information, mail routing information, group information, SMTP AUTH.]
Step 1  The sending MTA sends a message to the public listener “A” via SMTP.
Step 2  The IronPort appliance queries the LDAP server defined via the System Administration > LDAP page (or by the global ldapconfig command).
Step 3  Data is received from the LDAP directory, and, depending on the queries defined on the System Administration > LDAP page (or in the ldapconfig command) that are used by the listener: