Spam Quarantine End-User Authentication Queries

End-user authentication queries validate users when they log in to the spam quarantine. The token {u} specifies the user (it represents the user’s login name). The token {a} specifies the user’s email address. The LDAP query does not strip "SMTP:" from the email address; AsyncOS strips that portion of the address.

Based on the server type, AsyncOS uses one of the following default query strings for the end-user authentication query:

Active Directory: (sAMAccountName={u})
OpenLDAP: (uid={u})
Unknown or Other: [Blank]

By default, the primary email attribute is mail. You can enter your own query and email attributes. To create the query in the CLI, use the isqauth subcommand of the ldapconfig command.

Note	If you want users to log in with their full email addresses, use (mail=smtp:{a}) for the query string.