Novell Home

Tip: How to implement LDAP lookups from a Barracuda Spam Firewall

Novell Cool Solutions: Tip
By Brian Nagozruk

Digg This - Slashdot This

Posted: 17 Mar 2005
 

Problem:

Customer had problems trying to implement LDAP lookups from a Barracuda Spam Firewall.

Solution:

The default configuration needs to be modified to work properly.

Example:

This document describes how I configured a Barracuda 300 to deliver mail to GroupWise 6.5 using LDAP queries to validate email addresses.

The LDAP server being used in this configuration is the local GroupWise server which is running NLDAP (which is native to the Operating System). The GWIA object is not required to have LDAP enabled for this configuration to work. Where most failures occur is in three areas, a username and/or password is not specified (if you have anonymous binds enabled), or your LDAP filter is too broad/complex or it filters out the information we are looking for.

LDAP Port: 389
LDAP Server: x.x.x.x
Exchange Excelerator Enabled: No
Unify Email Aliases: No
LDAP/Exchange Username: cn=username,ou=somecontext,o=someorg
LDAP/Exchange Password: userpasswordhere
LDAP Filter: (|(mail=${recipient_email}))
LDAP Search Base: ${defaultNamingContext}

Important Notes:

You **MUST** specify a username and password for the Barracuda LDAP client to use. This is true even if you allow anonymous binds to your NetWare LDAP server, the same goes if you use other LDAP servers. The Barracuda LDAP client will not work if you do not fill out these fields properly. Period. If you leave the default LDAP Search Base as listed above your searches may be restricted by your configuration stored in the LDAP group/server object(s) in eDirectory.

As of the date/time of the writing of this document, It was not determined if the Barracuda 300 supports the use of secure bindings for LDAP lookups (i.e. Secure Port 636).

Tested Platform/environment:

Barracuda 300
Firmware v3.1.12 (2005-10-02 16:43:44)
NetWare 6.5.2
GroupWise 6.5.3
eDirectory 8.7.3.4

Disclaimer: Since I do not know your configuration, this particular configuration may assist you in the final solution to your problem. However, please remember to document all your changes as you implement them in your environment, this is so that you have the ability to back out any changes you make in the event of unforseen problems.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell