Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
27-3
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 27 LDAP Queries
Overview of LDAP Queries
•
External Authentication. You can configure your appliance to use your LDAP directory to
authenticate users logging in to the appliance. For more information, see
authenticate users logging in to the appliance. For more information, see
.
•
Spam Quarantine End-User Authentication. You can configure your appliance to validate users
when they log in to the end-user quarantine. For more information, see
when they log in to the end-user quarantine. For more information, see
•
Spam Quarantine Alias Consolidation. If you use email notifications for spam, this query
consolidates the end-user aliases so that end-users do not receive quarantine notices for each aliased
email address. For more information, see
consolidates the end-user aliases so that end-users do not receive quarantine notices for each aliased
email address. For more information, see
•
User Distinguished Name. If you use RSA Enterprise Manager for data loss prevention (DLP), this
query retrieves the distinguished name for senders of messages that may contain DLP violations.
The Email Security appliance includes the distinguished name when it sends DLP incident data to
Enterprise Manager. For more information, see
query retrieves the distinguished name for senders of messages that may contain DLP violations.
The Email Security appliance includes the distinguished name when it sends DLP incident data to
Enterprise Manager. For more information, see
Understanding How LDAP Works with AsyncOS
When you work with LDAP directories, the appliance can be used in conjunction with an LDAP
directory server to accept recipients, route messages, and/or masquerade headers. LDAP group queries
can also be used in conjunction with message filters to create rules for handling messages as they are
received by the appliance.
directory server to accept recipients, route messages, and/or masquerade headers. LDAP group queries
can also be used in conjunction with message filters to create rules for handling messages as they are
received by the appliance.
demonstrates how the appliance works with LDAP:
Figure 27-1
LDAP Configuration
1.
The sending MTA sends a message to the public listener “A” via SMTP.
2.
The appliance queries the LDAP server defined via the System Administration > LDAP page (or by
the global
the global
ldapconfig
command).
Firewall
Appliance
Sending MTA
•
Recipient email address (local)
•
Mailhost information
•
Mail routing information
•
Group information
•
SMTP AUTH
2
1
HELO
SMTP
A
3
DC=example,DC=com
with LDAP enabled