Cisco Cisco Email Security Appliance C170 사용자 가이드

You create a chain query from the System Administration > LDAP > LDAP Server Profiles page. 

From the LDAP Server Profiles page, click Advanced.

Click Add Chain Query.

The Chain query page opens.

Add a name for the chain query.

Select the query type. 

When you create chain queries, you cannot select different types of queries. Once you select a query 
type, the Cisco IronPort appliance populates the query field with queries of that type from available 
server profiles.

Select a query to add to the chain query. 

The Cisco IronPort appliance runs the queries in the order you configure them. Therefore, if you add 
multiple queries to the chain query, you might want to order the queries so that more specific queries 
are followed by more general queries.

Test the query by clicking the Test Query button and entering a user login and password or an email 
address to test in the Test Parameters fields. The results appear in the Connection Status field.

Optionally, if you use the {f} token in an acceptance query, you can add an envelope sender address to 
the test query. 

Once you create the chain query, you need to associate it with a public or private listener.

Submit and commit your changes.

Directory Harvest Attacks occur when a malicious sender attempts to send messages to recipients with 
common names, and the email gateway responds by verifying that a recipient has a valid mailbox at that 
location. When performed on a large scale, malicious senders can determine who to send mail to by 
“harvesting” these valid addresses for spamming. 

The Cisco IronPort Email Security appliance can detect and prevent Directory Harvest Attack (DHA) 
when using LDAP acceptance validation queries. You can configure LDAP acceptance to prevent 
directory harvest attacks within the SMTP conversation or within the work queue.