Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

To create an LDAP-based SMTP Authentication profile, you must have previously created an SMTP 
Authentication query in conjunction with an LDAP server profile using the System Administration > 
LDAP page. You can then use this profile to create an SMTP Authentication profile. For more 
information about creating an LDAP profile, see 

.

Choose Network > SMTP Authentication. 

Click Add Profile. 

Enter a unique name for the SMTP authentication profile. 

For the Profile Type, select LDAP. 

Click Next. 

Select the LDAP query you would like to use for this authentication profile. 

Select a default encryption method from the drop-down menu. You can select from SHA, Salted SHA, 
Crypt, Plain, or MD5. If your LDAP servers prefix an encrypted password with the encryption type, 
leave ‘None’ selected. If your LDAP server saves the encryption type as a separate entity (OpenWave 
LDAP servers, for example), then select an encryption method from the menu. The default encryption 
setting will not be used if the LDAP query is using bind. 

Click Finish.

Submit and commit your changes. 

After creating the authentication profile, you can enable the profile on a listener. See 

 for more information.

After using the Network > SMTP Authentication page to create an SMTP authentication “profile” that 
specifies the type of SMTP authentication you want to perform (LDAP-based or SMTP 
forwarding-based), you must associate that profile with a listener using the Network > Listeners page 
(or the 

listenerconfig

 command). 

An authenticated user is granted RELAY connection behavior within their current Mail Flow Policy.

You may specify more than one forwarding server in a profile. SASL mechanisms CRAM-MD5 and 
DIGEST-MD5 are not supported between the appliance and a forwarding server. 

In the following example, the listener “InboundMail” is edited to use the SMTPAUTH profile configured 
via the Edit Listener page: