AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 25 LDAP Queries
Overview of LDAP Queries
External Authentication. You can configure your appliance to use your LDAP directory to
authenticate users logging in to the appliance. For more information, see Configuring External
LDAP Authentication for Users, page 25-40.

Spam Quarantine End-User Authentication. You can configure your appliance to validate users
when they log in to the end-user quarantine. For more information, see Authenticating End-Users of
the Spam Quarantine, page 25-43.

Spam Quarantine Alias Consolidation. If you use email notifications for spam, this query
consolidates the end-user aliases so that end-users do not receive quarantine notices for each aliased
email address. For more information, see Spam Quarantine Alias Consolidation Queries,
page 25-44.

User Distinguished Name. If you use RSA Enterprise Manager for data loss prevention (DLP), this
query retrieves the distinguished name for senders of messages that may contain DLP violations.
The Email Security appliance includes the distinguished name when it sends DLP incident data to
Enterprise Manager. For more information, see Identifying a Sender’s User Distinguished Name for
RSA Enterprise Manager, page 25-45.

Understanding How LDAP Works with AsyncOS
When you work with LDAP directories, the appliance can be used in conjunction with an LDAP
directory server to accept recipients, route messages, and/or masquerade headers. LDAP group queries
can also be used in conjunction with message filters to create rules for handling messages as they are
received by the appliance.
Figure 25-1 demonstrates how the appliance works with LDAP:
Figure 25-1 LDAP Configuration
[Figure. Diagram labels: Sending MTA; Firewall; Appliance; A; HELO; SMTP; with LDAP enabled; DC=example,DC=com; Recipient email address (local); Mailhost information; Mail routing information; Group information; SMTP AUTH; callouts 1, 2, 3.]
1. The sending MTA sends a message to the public listener “A” via SMTP.
2. The appliance queries the LDAP server defined via the System Administration > LDAP page (or by
the global ldapconfig command).