Cisco Cisco Email Security Appliance C170 사용자 가이드
3-17
Cisco IronPort AsyncOS 7.6 for Email Advanced Configuration Guide
OL-25137-01
Chapter 3 LDAP Queries
•
Microsoft Exchange environments that are aware of each other within the infrastructure can usually
route mail between each other without involving a route back to the originating MTA.
route mail between each other without involving a route back to the originating MTA.
Testing LDAP Queries
Use the Test Query button on the Add/Edit LDAP Server Profile page (or the
test
subcommand in the
CLI) of each query type to test the query to the LDAP server you configured. In addition to displaying
the result, AsyncOS also displays the details on each stage of the query connection test. You can test
each of the query types.
the result, AsyncOS also displays the details on each stage of the query connection test. You can test
each of the query types.
The
ldaptest
command is available as a batch command, for example:
ldaptest LDAP.ldapaccept foo@ironport.com
If you entered multiple hosts in the Host Name field of the LDAP server attributes, the Cisco IronPort
appliance tests the query on each LDAP server.
appliance tests the query on each LDAP server.
ldaptest
command.)
Table 3-1
Testing LDAP Queries
Query type
If a recipient matches (PASS)...
If a recipient does not match (FAIL)...
Recipient Acceptance
(Accept,
(Accept,
ldapaccept
)
Accept the message.
Invalid Recipient: Conversation or
delayed bounce or drop the message
per listener settings.
delayed bounce or drop the message
per listener settings.
DHAP: Drop.
Routing
(Routing,
ldaprouting
)
Route based on the query
settings.
settings.
Continue processing the message.
Masquerade (Masquerade,
masquerade
)
Alter the headers with the
variable mappings defined by the
query.
variable mappings defined by the
query.
Continue processing the message.
Group Membership (Group,
ldapgroup
)
Return “true” for message filter
rules.
rules.
Return “false” for message filter rules.
SMTP Auth
(SMTP Authentication,
smtpauth
)
A password is returned from the
LDAP server and is used for
authentication; SMTP
Authentication occurs.
LDAP server and is used for
authentication; SMTP
Authentication occurs.
No password match can occur; SMTP
Authentication attempts fail.
Authentication attempts fail.
External Authentication
(
(
externalauth
)
Individually returns a “match
positive” for the bind, the user
record, and the user’s group
membership.
positive” for the bind, the user
record, and the user’s group
membership.
Individually returns a “match
negative” for the bind, the user record,
and the user’s group membership.
negative” for the bind, the user record,
and the user’s group membership.
Spam Quarantine End-User
Authentication (
Authentication (
isqauth
)
Returns a “match positive” for the
end-user account.
end-user account.
No password match can occur;
End-User Authentication attempts
fail.
End-User Authentication attempts
fail.
Spam Quarantine Alias
Consolidation (
Consolidation (
isqalias
)
Returns the email address that the
consolidated spam notifications
will be sent to.
consolidated spam notifications
will be sent to.
No consolidation of spam
notifications can occur.
notifications can occur.