Showing results for 
Search instead for 
Did you mean: 

Domain-based routing - usage of wildcard

We are using MEG 6.7.2 HF3.

We have a direct connection to another company where we can reach their smtp-server.

So we want to define domain-based routing for domain "parter-company.tld" and all sub domains like "sub1.partner-company.tld", "sub1.partner-company.tld"... to send email for them directly to their smtp-server. They have about 1000 subdomains in the company.

Problem is that we are not able to use a wildcard in domain-based routing, we tried "*.partner-company.tld" and ".partner-company.tld" both are not accepted when trying to save.

We know the option "Enable sub-domain routing" in "Intrusion Defender / Configure Mail Services / Global". But when activating this option we have the problem to become a non-delivery-notification (ndn) spammer. I try to explain what happens.

We are using the domain "our-company.tld". For email addresses in this domain we are using ldap check to verify if the recipient address is valid.

When activating "Enable sub-domain routing" we can be used as ndn-spammer coz we accept email for any sub domain of our-company.tld and do not check if the address is valid.

Any idea how to solve this problem?

We could get a list of all sub domains of the "partner-company.tld" to import them in MEG, but we don’t know if this will be a good idea to import about 1000 domains...

on 22.09.10 12:16:06 MESZ
5 Replies

Re: Domain-based routing - usage of wildcard


is here no one understanding the problem?

Especially the people from McAfee Support cannot give an answer?

If the answer is that this configuration is not possible it should be implemented in product update.

Re: Domain-based routing - usage of wildcard

I agree.  Sometimes it feels like no one is listening.  Not enough communication for this product after McAfee took over.

Level 11
Report Inappropriate Content
Message 4 of 6

Re: Domain-based routing - usage of wildcard

Importing 1000 domains should be fine.

Another option would be to put all of the users on a single domain controller that the ironmail can do ldap querries against to validate the email addresses. This is assuming that the reason you dont do subdomain routing is because user email addresses are spread across several domain controllers.

you can also create several ldap profiles that can be used on a per domain or per domain group basis that will querry specfic servers.

Re: Domain-based routing - usage of wildcard

Problem is that the external partner sometimes has changes and creates new subdomains, so he must inform us to import them too.

We already use several ldap profiles coz we have mutliple email systems in our own company (Echange and several Lotus Domino systems) and also offer Email-Gateway-Security for another company.

But also here i am not able to use wildcards, so for example when suddomain routing is enabled a spam sender may send email to the domains:




and i am not able to check if these adresses are valid coz in the LDAP configuration i can only use "mycompany.tld" as domain entry and not "*.mycompany.tld".

There is no chance to build one LDAP-Directory which contains all valid email adresses.

Hope someone understands the problem and can give some further help!

Re: Domain-based routing - usage of wildcard

If you decide that the best approach is to validate all e-mail addresses via LDAP, you should check the concept of the LDAP Virtual Directory, also called an LDAP Proxy.

I do not have any specific experience with this.  But as I understand, this is a server that responds to LDAP queries and is able to "cache" entries from Multiple LDAP servers.   This LDAP Proxy serves as a "master" LDAP server for multiple domains.   It does not "do" anything on its own -- it just takes entries from other LDAP servers.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community