Cisco Cisco Email Security Appliance C160 ユーザーガイド

Select the LDAP query you would like to use for this authentication profile. Select a default encryption 
method from the drop-down menu. You can select from SHA, Salted SHA, Crypt, Plain, or MD5. If your 
LDAP servers prefix an encrypted password with the encryption type, leave ‘None’ selected. If your 
LDAP server saves the encryption type as a separate entity (OpenWave LDAP servers, for example), then 
select an encryption method from the menu. The default encryption setting will not be used if the LDAP 
query is using bind. 

Click the Finish button.

Click the Commit Changes button, add an optional comment if necessary, and then click Commit 
Changes to finish adding the LDAP SMTP Authentication profile.

After creating the authentication profile, you can enable the profile on a listener. See 

 for more information.

After using the Network > SMTP Authentication page to create an SMTP authentication “profile” that 
specifies the type of SMTP authentication you want to perform (LDAP-based or SMTP 
forwarding-based), you must associate that profile with a listener using the Network > Listeners page 
(or the 

listenerconfig

 command). 

An authenticated user is granted RELAY connection behavior within their current Mail Flow Policy.

You may specify more than one forwarding server in a profile. SASL mechanisms CRAM-MD5 and 
DIGEST-MD5 are not supported between the Cisco IronPort appliance and a forwarding server. 

In the following example, the listener “InboundMail” is edited to use the SMTPAUTH profile configured 
via the Edit Listener page: