Jump to content

Active Directory LDAP queries


Recommended Posts

Long shot, but any AD/LDAP gurus on here? I'm trying to query AD from an external mail filtering package to determine a list of valid email addresses (users, distribution lists and mail-enabled public folders) so that the mail filter can reject all the junk mail I'm getting to <[email protected]>.

I've got a query for the proxyaddresses attribute with a filter of objectclass=user which works fine to get a list of users email addresses. I've tried a filter of 'objectclass=publicfolder' but that retrieves all public folder proxy addresses, not just the mail-enabled ones I can see in the Outlook address book.

Any ideas on other filter criteria I can use?


Link to comment
Share on other sites

Thanks for taking an interest in my thread! smile.gif

The product I'm using is Mailsweeper and it's a very comprehensive mail filtering product. Problem is, for some reason I've been receiving thousands of emails a day to random addresses that don't exist on my domain (really random strings of numbers and letters like [email protected]) and just in case a non-spam is accidentally marked as spam, I don't auto-delete, I quarantine for a few days to give me time to recover it if it's needed.

The thousands of spams to random addresses clog up the manager and mean it's a PITA finding any legitimate mail that's been marked incorrectly as spam. If I can instruct it to delete any mail that's not to a valid address, I can cut most of that out, hence needing an LDAP query that can list all public folders and users in the Global Address List. I figured out you probably can't do it, but I did get almost the same affect by using 3 different queries and merging the results.

And most of the spam that gets through the wordlist filters is stuff in HTML with comment tags in the middle of suspect words and all kinds of crazy letter substitutions like 'v/[email protected]' and the like - very hard to clean that out with wordlists, so the new version I'm installing at the moment has Bayesian learning where you feed confirmed spam and non-spam back in and it learns from that what is and isn't legitimate. I've just got such a complex policy on the old box that it's taking a while to reconstruct it.

And if spam still gets through, a Spamassassin box will sit in front of this one!

Thanks again for the suggestion though. beerchug.gif

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...