Hi. The problem I'm trying to solve is preventing Internet senders from specifying a distribution list in either the Cc: or Bcc: headers. It's trivial to prevent the envelope recipient from being a distribution list by modifying the accept query, but I can't think of a way to invoke an LDAP query against a header.
Anyone have a solution to this other than setting up content filters for "other headers" and manually typing in distribution list addresses by hand?
As far as I know the actual address that triggers the filter in Ironport is the RCPT TO address in the header, before the DATA command. Specifying is an address is a TO, CC or BCC address is done by specifying (or leaving it out, in case of BCC) the appropriate field after the DATA command. So I should expect the LDAP query to do the same, which means you do not have to make any distinct between TO, CC and BCC in your policies and LDAP queries.
LDAP queries are always in terms of the envelope sender or recipient addresses, not the header addresses.
Steven: if I'm understanding jtw properly, what he's trying to do is suppress messages containing certain header recipient addresses (in this case distribution lists), by using LDAP queries. There doesn't seem to be any way to do this with AsyncOS. The error you're making is assuming that everything in the recipient headers will be reflected in the envelope. That's not always the case. However, it does bring up a relevant question for jtw to answer: What exactly are you trying to accomplish? In other words, why are you trying to suppress the use of distribution lists in the recipient headers rather than in the envelope? The envelope is what affects actual delivery. The headers only affect what the recipient sees in his mail client.
When you specify email addresses in the Cc: or Bcc: field of your MUA(Outlook, thunderbird, etc), your MUA will convert them to envelope 'RCPT TO' addresses when it delivers the message to the next hop mail server.
So you can essentially use LDAP to block messages Cc'ed or Bcc'ed to distribution lists. However, if someone just spoofs the Cc header, then you are dealing with another issue.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :