Cisco Support Community
Community Member

Not in the LDAP Group - Content Filter Action

Hi gurus,

I already configured LDAP on my C350 with a policy so that if a user is not in the LDAP group I created/queried, they cannot send an email...

However, I wanted a content filter on my LDAP policy name that will have an action to drop dead mails..

How do I do it....

Primarily.. I disabled content filters on my LDAP group policy name and set the default policy to drop....

It's something like this..

#  Policy Name  Antispam  AntiVirus  Content Filters  Virus Outbreak
1  mydomainAD   enabled   enabled    disabled         enabled
2  default      enabled   enabled    drop_filter      enabled

Can anyone suggest?

On the #1 policy I wanted to create a content filter that will drop if the user is not in my LDAP.. I don't see any option in the content filter that says IF NOT MEMBER OF THE LDAP GROUP... action - DROP

Thank you

Community Member

Re: Not in the LDAP Group - Content Filter Action

I don't think there is a way to query if an email recipient is not a member of a certain group.

How many LDAP groups are you comparing the recipient email addresses to?

I think the current way you're doing it is fine. In policy #1, put in all the groups that are allowed to send. You can put in multiple groups.

Then policy #2 is for any email recipients that are not found in policy #1.

Community Member

Re: Not in the LDAP Group - Content Filter Action


I got 3 LDAP groups with different domains... and they work perfectly fine...

I am able to query emails with multiple aliases using the group query proxy address on search group..

I was able to test it: if a user outside attempted to send dead mails... ESA will drop it and notify that the user doesn't exist and is refused entry to my domain..

I'm going to test the content filters... for those domains...

Hope I can get it right...

Thank you.
