Synchronizing email addresses to provide an “allowlist” of valid email addresses

Steps

  1. Review the existing LDAP/Active Directory data structure and decide how to search for all relevant email addresses.
  2. Download the client and install it on the target client machine.
  3. Configure the Directory Synchronization Client to search the LDAP directory and extract groups and email addresses to a local file. (See the Directory Synchronization Client Administrator’s Guide for instructions.) Review the results and modify the search as necessary to ensure it returns the expected results.
  4. In the cloud manager, set up a contact with Directory Synchronization permissions. (See Set up authentication (Directory Synchronization only)). This will be the username/logon used for the Directory Synchronization Client to log onto the cloud manager.
  5. In the cloud manager, enable Directory Synchronization. (See Configure identity management). Make sure “Reject mail for unknown users” is not enabled. (Turn this on only when you are sure the mail list is synchronized and correct).
  6. In the Directory Synchronization Client, set up portal settings in the configuration established above, changing the output type to portal (not file) and using the contact with Directory Synchronization permissions created above. (See the Directory Synchronization Client Administrator’s Guide).
  7. During a slow period, select Replace on the client. Data is synchronized to the cloud manager. Note the number of additions. This is visible in the Synchronization page and also from the notification email messages.
  8. In the cloud manager, go to the Configure Directory Synchronization page and download a CSV file of email addresses. (See Configure identity management.) Check that these are correct, perhaps by comparing them against a known list from Active Directory.
  9. On the Directory Synchronization page, view Recent Synchronizations and compare the totals of additions against those noted in the Directory Synchronization Client. They should match. (See View recent synchronizations).
  10. If everything appears to be working, go to the Configure Directory Synchronization page again and select Reject mail for unknown users. Email address filtering is now live.
  11. Set up a scheduled time in the Directory Synchronization Client for the background task to run. Close the client tool. If there is a problem with the first scheduled synchronization, you can restore the directory to its previous version. See Restore directories.
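
Steps 8 to 10 depend on the downloaded list matching the directory before Reject mail for unknown users is selected. The following is an added example, not part of the product documentation, that compares an Active Directory export with the cloud manager CSV; the CSV layouts, the `proxyAddresses` and `Email` column names, and the sample rows are assumptions constructed for illustration.

```python
import csv
import io

def normalize(value):
    """Return a lower-cased SMTP address, or None if the value is not one."""
    v = value.strip()
    prefix, sep, rest = v.partition(":")
    if sep:  # AD proxyAddresses form such as "smtp:alias@example.com"
        if prefix.lower() != "smtp":
            return None  # X500:, SIP: and similar are not mail addresses
        v = rest
    local, at, domain = v.rpartition("@")
    if not at or not local or "." not in domain:
        return None
    return v.lower()

def load_addresses(csv_text, column):
    """Collect addresses from one CSV column; a cell may hold ';'-separated values."""
    found = set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        for cell in (row.get(column) or "").split(";"):
            addr = normalize(cell)
            if addr:
                found.add(addr)
    return found

def compare(ad_csv, portal_csv, ad_column="proxyAddresses", portal_column="Email"):
    """Diff the directory export against the cloud manager download."""
    ad = load_addresses(ad_csv, ad_column)
    portal = load_addresses(portal_csv, portal_column)
    missing = sorted(ad - portal)      # valid in AD, would be rejected once filtering is live
    unexpected = sorted(portal - ad)   # still accepted, no longer in AD
    return {"missing": missing, "unexpected": unexpected, "safe_to_enforce": not missing}

# Constructed sample data (assumed layouts, not real exports).
AD_EXPORT = """sAMAccountName,proxyAddresses
alice,SMTP:Alice@example.com;smtp:a.smith@example.com
bob,SMTP:bob@example.com;X500:/o=Example/cn=bob
carol,SMTP:carol@example.com
"""
PORTAL_EXPORT = """Email
alice@example.com
a.smith@example.com
bob@example.com
old.user@example.com
"""

if __name__ == "__main__":
    for key, value in compare(AD_EXPORT, PORTAL_EXPORT).items():
        print(f"{key}: {value}")
```

Any entry under `missing` is a valid recipient whose mail would be rejected once filtering is live, so resolve those before step 10; entries under `unexpected` are addresses the service would still accept that the directory no longer lists.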