PROBLEMAn Active Directory (AD) forest contains more then one domain. Each AD domain has its own Distinguished Name (DN) with its own email address. When enabling Directory Harvesting in GFI MailEssentials, only email addresses for users in the same domain can be checked. Emails addressed to users in the other domains will be blocked by Directory Harvesting which reports that the recipient does not exist.
For example, the email domains are support.gfi.com and sales.gfi.com with their respective DNs being DC=support,DC=gfi,DC=com and DC=sales,DC=gfi,DC=com.
- GFI MailEssentials
- all supported environments
SOLUTIONIn order to retrieve email addresses from all your AD domains by GFI MailEssentials, you need to configure the GFI MailEssentials Directory Harvesting filter to perform LDAP lookups to your Global Catalog server. You will also need to configure less restrictive Base DN so that the queries are done to all your AD domains.
Proceed as follows:
- Open the GFI MailEssentials configuration.
- Expand the Anti-Spam node > Anti-Spam Filters > Directory Harvesting
- In the General tab, select Use LDAP lookups
- In the Server: field, specify the name or IP address of the Global Catalog machine
- In the Port field, insert the port of your Global Catalog. By default, this is 3268.
- In the Base DN: field, you need to specify the least restrictive Base DN. To ensure that Directory Harvesting will retrieve information from all domains, you can leave the Base DN empty. This can be achieved by entering a space in the Base DN field
- Click the Test buttons and try using existing email addresses from all local domains to confirm that Directory Harvesting is working correctly
- Test also using a non-existing email address to ensure that it Directory Harvesting is working as expected
- When done, click Ok to apply the changes