Anti-virus / Anti-SPAM, Mail relaying
LDAP and eSafe Gateway
eSafe Gateway can be used for scanning incoming and outgoing SMTP connections for virusses and SPAM. Normally eSafe Gateway doesn’t check incoming mail addresses against a directory like Active Directory or Novell Directory Services.
This means that all mail addresses for a trusted domain are forwarded to the internal mail server. In the most ideal situation unknown mail addresses should be blocked at the eSafe Gateway. This feature will take away load from the internal mail server, because this mail server doesn’t have to generate NDR (Non-Delivery Reports) messages. Beside that, the eSafe Gateway also doesn’t have to process the NDR’s. LDAP (Lightweight Directory Access Protocol) provides this functionality.
With LDAP configured, the eSafe Gateway will synchronize all known mail objects from the directory services with the eSafe Gateway. By this, the eSafe Gateway knows all valid mail objects and can block invalid mail objects. There are some issues when configuring a LDAP query with Active Directory. By default Active Directory only allows 1000 objects in one query. Some customers have more mail object, so this settings needs to be added. Inside Active Directory, you should edit the LDAP Policy setting MaxPageSize. Look here for more information about editing the MaxPageSize variable.
Some organizations use PublicFolders in conjunction with Microsoft. These PublicFolders can be mail-enabled and should be added in the LDAP filter configuration inside eSafe Gateway. This is done by changing the default filter
(&(|(objectClass=person)(objectClass=contact)(objectClass=organizationalPerson))(!(objectClass=computer)))
in
(&(|(objectClass=person)(objectClass=contact)(objectClass=organizationalPerson)(objectClass=publicFolder))(!(objectClass=computer)))
This results in adding the mail object PublicFolder to the LDAP query.
René Jorissen
Latest posts by René Jorissen (see all)
- MacOS Big Sur and SSLKEYFILELOG - November 23, 2021
- ClearPass, Azure AD, SSO and Object ID - August 12, 2021
- ClearPass – custom MPSK - July 20, 2021