I need a little assistance again after encountering a spam mail actually emailed one of our distribution group. Is there way to setup an LDAP query to work on every email address except for 1 OU (such as "Distribution Group" OU.)
Even a filter would be a nice workaround if anyone can offer some advice.
I have no Ironport example but I think you manage to add the Ironport specific stuff to it yourself.
A few examples: This one does what you ask for. It includes all objects with “objectclass=person" and any value in the "mail=" attribute. except if the object is in a container that is named exludedUsers1 (anywhere in your directory)
These filters all take the complete DN and analyze it to see if there is a matching container in this DN. This means (with the first example) that the objects in the container "/o=org,dc=dc1,ou=excludedUsers1" are excluded but also the objects in the container "/o=org,dc=dc2,ou=excludedUsers1" If you want you can be more explicit in defining the path to exclude or include but I have no examples present for the moment. If you really want I can find it out for you.
Note: for readability I formatted the filters over a few lines, you can simply remove all spaces and line brakes to place it in your single line searchfilter field in the GUI.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...