Cisco Cisco Email Security Appliance C160 Mode D'Emploi
Chapter 3 LDAP Queries
3-188
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
Acceptance (Recipient Validation) Queries
You can use your existing LDAP infrastructure to define how the recipient email
address of incoming messages (on an public listener) should be handled. Changes
to user data in your directories are updated the next time the IronPort appliance
queries the directory server. You can specify the size of the caches and the amount
of time the IronPort appliance stores the data it retrieves.
address of incoming messages (on an public listener) should be handled. Changes
to user data in your directories are updated the next time the IronPort appliance
queries the directory server. You can specify the size of the caches and the amount
of time the IronPort appliance stores the data it retrieves.
Note
You may wish to bypass LDAP acceptance queries for special recipients (such as
administrator@example.com
). You can configure this setting from the Recipient
Access Table (RAT). For information about configuring this setting, see
“Configuring the Gateway to Receive Email” in the Cisco IronPort AsyncOS for
Email Configuration Guide.
“Configuring the Gateway to Receive Email” in the Cisco IronPort AsyncOS for
Email Configuration Guide.
Sample Acceptance Queries
Table 3-2
Example LDAP Query Strings for Common LDAP Implementations: Acceptance
Query for:
Recipient validation
OpenLDAP
(mailLocalAddress={a})
(mail={a})
(mailAlternateAddress={a})
Microsoft Active Directory Address Book
Microsoft Exchange
(|(mail={a})(proxyAddresses=smtp:{a}))
SunONE Directory Server
(mail={a})
(mailAlternateAddress={a})
(mailEquivalentAddress={a})
(mailForwardingAddress={a})
(mailRoutingAddress={a})
Lotus Notes
Lotus Domino
(|(|(mail={a})(uid={u}))(cn={u}))
(|(ShortName={u})(InternetAddress={a})(FullNa
me={u}))