Synchronizing email addresses to provide an “allowlist” of valid email addresses
Steps
Review the existing LDAP/Active Directory data structure and decide how to search for all relevant email addresses.
Download the client and install it on the target client machine.
Configure the Directory Synchronization Client to search the LDAP directory and extract groups and email addresses to a local file. (See the Directory Synchronization Client Administrator’s Guide for instructions.) Review the results and modify the search as necessary to ensure it returns expected results.
In the cloud manager, set up a contact with Directory Synchronization permissions. (See Set up authentication (Directory Synchronization only).) This will be the username/logon used for the Directory Synchronization Client to log on to the cloud manager.
In the cloud manager, enable Directory Synchronization. (See Configure identity management.) Make sure “Reject mail for unknown users” is not enabled. (Turn this on only when you are sure the mail list is synchronized and correct.)
In the Directory Synchronization Client, set up portal settings in the configuration established above, changing the output type to portal (not file) and using the contact with Directory Synchronization permissions created above. (See the Directory Synchronization Client Administrator’s Guide.)
During a slow period, select Replace on the client. Data is synchronized to the cloud manager. Note the number of additions. This is visible in the Synchronization page and also from the notification email messages.
Go to the cloud manager, Configure Directory Synchronization page and download a CSV file of email addresses. (See Configure identity management.) Check if these are correct, perhaps by comparing them against a known list from Active Directory.
On the Directory Synchronization page, view Recent Synchronizations and compare the totals of additions against those noted in the Directory Synchronization Client. They should match. (See View recent synchronizations.)
If everything appears to be working, go to the Configure Directory Synchronization page again and select Reject mail for unknown users. Email address filtering is now live.
Set up a scheduled time in the Directory Synchronization Client for the background task to run. Close the client tool. If there is a problem with the first scheduled synchronization, you can restore the directory to its previous version. See Restore directories.
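The comparison of the downloaded CSV against a known Active Directory list, described in the steps above, can be scripted before Reject mail for unknown users is selected. The following is an added example, not part of the product or its documentation; the column names (proxyAddresses, Email), the ";" separator and the sample rows are assumptions to adjust to your own exports.

```python
import csv
import io

# Constructed sample data; replace with open("ad_export.csv") and the portal CSV.
AD_EXPORT = """sAMAccountName,proxyAddresses
alice,SMTP:Alice@example.com;smtp:a.smith@example.com
bob,SMTP:bob@example.com;X500:/o=Org/cn=bob
carol,SMTP:carol@example.com
"""
PORTAL_EXPORT = """Email
alice@example.com
a.smith@example.com
bob@example.com
dave@example.com
"""

def normalize(value):
    """Return a lowercase SMTP address, or None for blanks and non-SMTP entries."""
    scheme, sep, rest = value.strip().partition(":")
    if sep and scheme.lower() != "smtp":   # e.g. X500: or SIP: proxy addresses
        return None
    addr = (rest if sep else scheme).strip().lower()
    local, at, domain = addr.partition("@")
    return addr if at and local and domain and "@" not in domain else None

def load_addresses(handle, column):
    """Read one column of a CSV with a header row; a cell may hold several values."""
    found = set()
    for row in csv.DictReader(handle):
        for item in (row.get(column) or "").split(";"):
            addr = normalize(item)
            if addr:
                found.add(addr)
    return found

def compare(ad_addresses, portal_addresses):
    # missing_from_portal: valid mailboxes whose mail would be rejected as unknown.
    # only_in_portal: entries still accepted that the directory no longer lists.
    return {
        "missing_from_portal": sorted(ad_addresses - portal_addresses),
        "only_in_portal": sorted(portal_addresses - ad_addresses),
        "matched": len(ad_addresses & portal_addresses),
    }

def run_sample():
    ad = load_addresses(io.StringIO(AD_EXPORT), "proxyAddresses")
    portal = load_addresses(io.StringIO(PORTAL_EXPORT), "Email")
    return compare(ad, portal)

if __name__ == "__main__":
    print(run_sample())
```

Both lists should be empty before filtering goes live; investigate any address in missing_from_portal first, since those users would lose inbound mail.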