From: MM on
Hallo.
we have enabled recipient filtering for our organization as we are requested
to reject with a SMTP connection error messages addressed to non existent
recipients as follows:

EMC - Organization Configuration - Hub Transport - Anti-spam - Recipient
Filtering enabled
Block messages sent to recipients not listed in the GAL

Still, if I telnet on port 25 I get a 250 2.1.5 Recipient OK message to a
RCPT TO:non_existent_user(a)mydomain.com

We have 2 Exchange 2007 SP1 servers:
both are HubTransport+ClientAccess+Mailbox+UnifiedMessaging
Exch1 is Windows Server 2003 Ent R2 SP2
Exch2 is Windows Server 2008 Ent SP2
GFI Mail Essentials for Exchange/SMTP is installed on both

Can you point to anything I could check?
Thank you for your help

MT



From: Rich Matheisen [MVP] on
On Wed, 19 May 2010 08:09:01 -0700, MM <MM(a)discussions.microsoft.com>
wrote:

>Hallo.
>we have enabled recipient filtering for our organization as we are requested
>to reject with a SMTP connection error messages addressed to non existent
>recipients as follows:
>
>EMC - Organization Configuration - Hub Transport - Anti-spam - Recipient
>Filtering enabled
>Block messages sent to recipients not listed in the GAL
>
>Still, if I telnet on port 25 I get a 250 2.1.5 Recipient OK message to a
>RCPT TO:non_existent_user(a)mydomain.com
>
>We have 2 Exchange 2007 SP1 servers:
>both are HubTransport+ClientAccess+Mailbox+UnifiedMessaging
>Exch1 is Windows Server 2003 Ent R2 SP2
>Exch2 is Windows Server 2008 Ent SP2
>GFI Mail Essentials for Exchange/SMTP is installed on both
>
>Can you point to anything I could check?

What are the permissions on the receive connectors? If you've used the
"Externally Secured" permission then it bypasses all anti-spam
checking.
---
Rich Matheisen
MCSE+I, Exchange MVP

From: MM on
Thank you.
On the receive connectors "Externally secured" is not selected.

I've also tried to add a blocked recipient address directly to the list but
I get the same behaviour and messages are delivered regularly, so I don't
even think the problem is in accessing the GAL.



"Rich Matheisen [MVP]" wrote:

> On Wed, 19 May 2010 08:09:01 -0700, MM <MM(a)discussions.microsoft.com>
> wrote:
>
> >Hallo.
> >we have enabled recipient filtering for our organization as we are requested
> >to reject with a SMTP connection error messages addressed to non existent
> >recipients as follows:
> >
> >EMC - Organization Configuration - Hub Transport - Anti-spam - Recipient
> >Filtering enabled
> >Block messages sent to recipients not listed in the GAL
> >
> >Still, if I telnet on port 25 I get a 250 2.1.5 Recipient OK message to a
> >RCPT TO:non_existent_user(a)mydomain.com
> >
> >We have 2 Exchange 2007 SP1 servers:
> >both are HubTransport+ClientAccess+Mailbox+UnifiedMessaging
> >Exch1 is Windows Server 2003 Ent R2 SP2
> >Exch2 is Windows Server 2008 Ent SP2
> >GFI Mail Essentials for Exchange/SMTP is installed on both
> >
> >Can you point to anything I could check?
>
> What are the permissions on the receive connectors? If you've used the
> "Externally Secured" permission then it bypasses all anti-spam
> checking.
> ---
> Rich Matheisen
> MCSE+I, Exchange MVP
> .
>

From: Rich Matheisen [MVP] on
On Wed, 19 May 2010 16:04:01 -0700, MM <MM(a)discussions.microsoft.com>
wrote:

>Thank you.
>On the receive connectors "Externally secured" is not selected.
>
>I've also tried to add a blocked recipient address directly to the list but
>I get the same behaviour and messages are delivered regularly, so I don't
>even think the problem is in accessing the GAL.


"GFI Mail Essentials for Exchange/SMTP is installed on both"

Shouldn't your spam filter be rejecting those messages?

If that spam filter receives the messages and then sends the message
(with SMTP) to Exchange, then Exchange probably has been instructed to
consider that sending software's IP address as an internal address (or
maybe the spam filter is using an authenticated connection to send
the mail to Exchange).
---
Rich Matheisen
MCSE+I, Exchange MVP
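
The checks raised in the two replies above (receive connector permissions, and whether the sending side is treated as internal or authenticated), collected as an added example that is not part of the original thread: read-only Exchange Management Shell commands to run on each Hub Transport server. The cmdlets and property names are those of Exchange 2007; nothing about the posters' environment is assumed.

```powershell
# Added example: read-only checks for the Exchange Management Shell (Exchange 2007).
# Run on each Hub Transport server; only Get-* cmdlets are used.

# 1. The Recipient Filter agent must be installed and enabled on this server.
Get-TransportAgent |
    Where-Object { "$($_.Identity)" -like '*Recipient Filter*' } |
    Format-Table Identity, Enabled, Priority -AutoSize

# 2. Organization-wide settings. RecipientValidationEnabled is the
#    "block recipients not listed in the GAL" option; ExternalMailEnabled and
#    InternalMailEnabled decide which sessions the agent acts on.
Get-RecipientFilterConfig |
    Format-List Enabled, RecipientValidationEnabled, BlockListEnabled,
                BlockedRecipients, ExternalMailEnabled, InternalMailEnabled

# 3. Recipient lookup is done only for accepted domains with AddressBookEnabled set.
Get-AcceptedDomain |
    Format-Table Name, DomainName, DomainType, AddressBookEnabled -AutoSize

# 4. Receive connectors: flag "Externally Secured" (AuthMechanism contains
#    ExternalAuthoritative) and list every account that holds the
#    ms-Exch-Bypass-Anti-Spam right, since sessions with that right skip the agent.
Get-ReceiveConnector | ForEach-Object {
    $connector = $_
    $bypass = @($connector | Get-ADPermission |
        Where-Object { -not $_.Deny -and ($_.ExtendedRights -like 'ms-Exch-Bypass-Anti-Spam') } |
        ForEach-Object { "$($_.User)" })
    $connector | Select-Object Identity, Bindings, RemoteIPRanges, PermissionGroups, AuthMechanism,
        @{ Name = 'ExternallySecured'
           Expression = { "$($_.AuthMechanism)" -match 'ExternalAuthoritative' } },
        @{ Name = 'AntiSpamBypassGrantedTo'
           Expression = { [string]::Join(', ', $bypass) } }
} | Format-List
```

Compare the connector whose Bindings and RemoteIPRanges match the test session with the accounts listed under AntiSpamBypassGrantedTo; a session that authenticates as one of them is not evaluated by the Recipient Filter agent.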

From: MM on
"Rich Matheisen [MVP]" wrote:

> On Wed, 19 May 2010 16:04:01 -0700, MM <MM(a)discussions.microsoft.com>
> wrote:

>
> "GFI Mail Essentials for Exchange/SMTP is installed on both"
>
> Shouldn't your spam filter be rejecting those messages?
>
> If that spam filter receives the messages and then sends the message
> (with SMTP) to Exchange, then Exchange probably has been instructed to
> consider that sending software's IP address as an internal address (or
> maybe the spam filter is using an authenticated connection to send
> the mail to Exchange).
> ---
> Rich Matheisen
> MCSE+I, Exchange MVP
> .
>

Thank you again.
Actually GFI is configured to perform Directory Harvest filtering not at the
SMTP level. Exchange should be doing Recipient filtering before GFI gets the
mail.
(http://kbase.gfi.com/showarticle.asp?id=KBID003427)

To be sure they're not conflicting I disabled GFI DH filter, but I still get
a Recipient OK reply instead of the SMTP connection error.

Our organization is expressly required to send a SMTP connection error on
RCPT TO:non-existent, that's why I'm trying to make Exchange Recipient
filtering work.

From what I've seen GFI would block an email for all recipients when the
configured non-existent-users threshold is reached: setting the threshold to
1 would be too restrictive and >1 doesn't fulfill our requirement, so I'm
afraid we can't use this option.

Sincerely
MM