11-12-2009 02:56 PM
Hi,
we have the following scenario:
There is just one single mail domain.
500 Mailboxes are on an Microsoft Exchange server with Active Directory, 500 Mailboxes are on a different server hosting POP3 Mailboxes.
Obviously I cannot use a LDAP Accept Query, as the AD doesn't have any knowledge about the POP3 mailboxes. The question is, can I still use LDAP for mailrouting, even if some account are not in the AD?
11-12-2009 07:34 PM
If so, you can chain the queries. Have it check the one with the most mailboxes first and the other second.
11-13-2009 08:07 AM
The problem is, that half the users are not on any directory.
So I think we will try to have an smtp route for those and and ldap routing query for those on the AD.
I'm just unsure if this query will generate errors for those users who are not in a directory.
11-13-2009 07:03 PM
if these users still using external POP mail boxes are distinguishable by receiving domain name - there are several options for you.
if you can provide us real address syntax and examples - we might be able to give a more specific answer...
11-16-2009 08:19 AM
Hi,
I don't have the exact sytax yet.
All users are in the same maildomain: @domain.com, so no way to separate mails here. One half of the user are on the exchange, so LDAP based routing is possible here. The other half is external, but this doesn't show in the address and the mails go to a POP3 Server with no directory I can use.
11-16-2009 08:31 AM
Hi Eisenhafen,
If it's really all mailboxes are in the same domain.
It's not possible to have "split-brain" mailboxes backends. That'd be terrible mess. -- split brains means the left brain doesn't know anything with the right brain.
.And it sounds like companies merging mail domains.
.
You may need to take a few steps, including mailbox migration.
A) Talk-Easy steps.
- migrate your non-ldap mailboxes (external pop3) to your ldap-enabled backend.
B) Alternatives....still not easy
subdomain. have one of them change to subdomain..Obviously, the one without ldap should be subdomained.
Ironport will be able to handle, after that's done.
You may need to try masquerade if your ironport also acts as centralized outgoing mta.
C) Can you create AD proxy addresses.....but it's an admin nightmare.
11-16-2009 11:50 AM
The question is, can I still use LDAP for mailrouting, even if some account are not in the AD?
11-25-2009 11:22 AM
Hi Eisenhafen.
We are accepting the emails for our colleagues in India while we are seated in Germany. We run accept queries against our AD using email activated contacts (translation word by word from german, sry) for our indian branch. The routing to India is done by the Exchange server. Even though it requires a bit of maintainance on our side.
11-26-2009 11:53 PM
Well.... there are more LDAP directories that MS-Active Directory.
If I understand you right your main problem is how to route 50% of your recipient addresses to Exchange and 50% of them to the POP3 system. If you could, it would be nice to have a message accept policy that is LDAP driven.
I suggest you try to install a dedicated LDAP server for your Ironport(s). That LDAP server should be updated daily with the details from your AD and an export from the POP3 system. On the LINUX platform there are several options (OpenLDAP, Apache Directory, Fedora 389, etc).
If you make sure your import scripts also provisions the mail addresses of all users and (at least) an attribute like "mailHost" (your Exchange based 50% of your recipients would have a static value of "your.exchange.server" (=hostname of your Exchange bridgehead) as value, the other 50% would have "your.pop3.server" (=hostname of your POP3 server) as value.
After that you can create a mail routing LDAP query that makes sure the messages are routed correctly. The mailHost attribute will be used to determine where the message should be routed to. If needed, you can also run a message acceptance query against that same LDAP. That query would reject all mail addresses that are unknown to the directory.
If you have more questions about this, jus send me a message; I have some experience with this matter.
Steven
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide