To allow end-users to access quarantined spam items that InterScan™ Messaging Security Appliance (IMSA) might have misidentified as spam, do the following:
Configure LDAP settings for user-group definition, administrator privileges, or end-user quarantine authentication. You can enable up to two LDAP servers for each IMSA server.
To configure LDAP settings:
Choose Administration > IMSA Configuration > Connections. The Components tab displays by default.
Click the LDAP tab.
Next to LDAP server type, choose the type of LDAP servers on your network:
Microsoft Active Directory
Domino
Sun iPlanet Directory
Next to Enable LDAP 1, select the check box.
Next to LDAP server, type the server name or IP address.
Next to Listening port number, type the port number that the LDAP server uses to listen to access requests.
Configure the settings under LDAP 2 if necessary
Under LDAP cache expiration for policy services and EUQ servers, type the time to live in minutes.
Under LDAP admin, type the administrator account, and the corresponding password.
Type the based distinguished name.
Select an authentication method:
Simple
Advanced—Uses Kerberos authentication for Active Directory. Configure the following:
Kerberos authentication default realm—Default Kerberos realm for the client. For Active Directory it must be the Windows domain name in upper case (Kerberos is case-sensitive).
Default domain—The Internet domain name equivalent to the realm.
KDC and admin server—Hostname or IP address of the Key Distribution Center for this realm. For Active Directory it is usually the domain controller.
KDC port number—The associated port number.
Click Save.
If you are using the Configuration Wizard, click Next.
|
IBM Domino only supports Simple Authentication method. |
Enable user quarantine access to allow your users to access quarantined spam items that InterScan™ Messaging Security Appliance (IMSA) might have misidentified as spam. The clients use LDAP authentication to access the IMSA EUQ service.
To enable and configure user quarantine access:
Choose Administration > End-User Quarantine from the menu. The EUQ Management tab displays by default.
Click the User Quarantine Access tab.
Select Enable access.
Select the number of days to keep quarantined spam.
Select the maximum number of senders each end-user can approve when sifting through the quarantined email messages.
Type a login page message that appears on your user's browser when he/she starts to access the quarantined email messages.
Under Select LDAP groups, select the check box next to Enable all to allow all LDAP group users to access quarantined spam.
To add individual LDAP groups, clear the Enable all check box and do either of the following:
Search for groups:
From the drop down list, select Search LDAP groups.
Type the group name.
Click Search. The groups appear in the table below.
Click the LDAP groups to add.
Click >>. The groups appear in the Selected Groups table.
Browse existing groups:
From the drop down list, select Browse LDAP groups. The groups appear in the table below.
Click the LDAP groups to add.
Click >>. The groups appear in the Selected Groups table.
Click Save.
|
When enabling user quarantine access for an LDAP group, you can use wildcards in the beginning and/or at the end of the LDAP group if you have specified Microsoft Active Directory or Sun iPlanet Directory as the LDAP server. For example, A*, *A, *A* are all allowed. If you have selected Domino as the LDAP server, you can only use wildcards at the end. For example, *A, *A* are not allowed. |
Start IMSA EUQ service.
Choose Summary from the menu. The Real-time Statistics tab displays by default.
Click the System tab.
Click the Start button for EUQ Service under Managed Server Settings.
See also: