is here no one understanding the problem?
Especially the people from McAfee Support cannot give an answer?
If the answer is that this configuration is not possible it should be implemented in product update.
I agree. Sometimes it feels like no one is listening. Not enough communication for this product after McAfee took over.
Importing 1000 domains should be fine.
Another option would be to put all of the users on a single domain controller that the ironmail can do ldap querries against to validate the email addresses. This is assuming that the reason you dont do subdomain routing is because user email addresses are spread across several domain controllers.
you can also create several ldap profiles that can be used on a per domain or per domain group basis that will querry specfic servers.
Problem is that the external partner sometimes has changes and creates new subdomains, so he must inform us to import them too.
We already use several ldap profiles coz we have mutliple email systems in our own company (Echange and several Lotus Domino systems) and also offer Email-Gateway-Security for another company.
But also here i am not able to use wildcards, so for example when suddomain routing is enabled a spam sender may send email to the domains:
and i am not able to check if these adresses are valid coz in the LDAP configuration i can only use "mycompany.tld" as domain entry and not "*.mycompany.tld".
There is no chance to build one LDAP-Directory which contains all valid email adresses.
Hope someone understands the problem and can give some further help!
If you decide that the best approach is to validate all e-mail addresses via LDAP, you should check the concept of the LDAP Virtual Directory, also called an LDAP Proxy.
I do not have any specific experience with this. But as I understand, this is a server that responds to LDAP queries and is able to "cache" entries from Multiple LDAP servers. This LDAP Proxy serves as a "master" LDAP server for multiple domains. It does not "do" anything on its own -- it just takes entries from other LDAP servers.