All Email Security Gateways configured to do Outbound Relay and all Outbound Email Security Gateways, firmware versions 3.3 and higher.
Please note that the LDAP filter for SMTP Authentication / SASL uses a different syntax from the LDAP configuration used for recipient verification.
On the Advanced > Outbound/Relay page, recommended settings for the LDAP Filter include:
For ActiveDirectory, (sAMAccountName=%u)
For OpenLDAP - (cn=%u)
The LDAP Filter should be in the form (<uid>=%u), where <uid> is the UID value on the LDAP server. Here are other tokens that may be useful for the LDAP Filter when configuring SMTP Authentication / SASL. The following tokens can be used in the LDAP Filter string:
- %% = %
- %u = user
- %U = user portion of %u (%U = test when %u = firstname.lastname@example.org)
- %d = domain portion of %u if available (%d = domain.com when %u = email@example.com), otherwise it will be same as %r (see below)
- %1-%9 = domain tokens (%1 = com, %2 = domain when %d = domain.com)
- %s = service
- %r = realm
- %D = user DN (available for group checks)
Link to This Page: