|
|
|
|
|
How to enable Recipient Filtering on your Exchange Server to stop
it generating emails in response to Spam
What's Recipient Filtering all about?
If an email arrives at your Exchange server, addressed to a non-existent user at
your domain, the sensible thing to do would be to reject it, giving the reason
"No such user here" to the sending server.
It would then be the sending mail-server's job to send
a Non-Delivery Report (NDR) email back to the original sender.
By default Exchange doesn't do this! It accepts the email, and then
decides to reject it and so has to generate its
own NDR email and attempt to send it to the original sender of the email.
What's the problem with this?
Well, these days spammers can send thousands of emails to addresses at your
domain that they have guessed - usually wrongly - and, to try and add legitimacy
to their spam, the From Address of these emails appears to be some real person
who's innocent of sending any spam.
If your Exchange server rejects these emails, the spamming mail-server
doesn't send a NDR to the forged sender but just moves on to sending the the
next spam email.ing the the
next spam email.
If your Exchange server does accept these emails
it means it has to use resources processing them and then, for each incoming
spam email, it will generate a pointless NDR email which often can't be
delivered and, if it can, will, itself, appear to be spam to the innocent person
who didn't send the original email in the first place.
The technical term
for sending an NDR to someone who didn't send you the original email is "Backscatter".
Those good people at www.backscatter.org don't think there's
any excuses for letting your email system send backscatter emails and have
started a blacklist of mail-servers that send these types of emails.
In order to stay off this blacklist we do our best to filter out and delete any backscatter
emails that our smarthost customers attempt to send through our servers.
Also, if you're using our Smarthost service, you're paying for outgoing emails
at something under 0.3p each, so it's a good idea to make sure your are not
sending out ones you don't need to.
We had one customer where Backscatter NDRs made up 80% of their total out-going
emails. We don't like them coming through our servers, even though we charge for
them and attempt to filter them out, as they often can't be delivered and, if
they can, they risk annoying the recipients.
Here's an example of the type of email we mean:-
|
|
 |
Enabling Recipient Filtering to reject emails to non-existent users on
your Exchange Server has no downsides.
Here are the upsides:-
 |
Less load on your server when it's being targeted for spam |
|
You won't get blacklisted for sending NDRs to people who haven't sent you any
emails |
|
If you are using our Smarthost service, you won't be paying for needless emails |
|
Possible objections:-
Q1 |
When a genuine customer sends me an email and, because or a typo, they send
it to a non-existent address, if my Exchange server doesn't send a Non-Delivery
Report, how will they know the email didn't reach me? |
A1 |
They will still get a Non-Delivery Report from the genuine
mail-server sending the email after your Exchange server refuses to accept it.
|
Q2 |
I want to see every email sent to my domain, even if the email address is
invalid so that if a potential customer has made a typo I'll still get to see
it. Is this possible? |
A2 |
Yes, but you'll have to put up with all the spam as well. To do this, don't
enable Recipient Filtering but instead create a Catch-All mailbox - perhaps make
it a Public Folder.
To make a catch-all mailbox in Exchange you need to use
a free 3rd Party Add-on - details
here. |
Step-By-Step instructions of how to configure Recipient
Filtering in Exchange 2003
|
This takes 2 easy steps.
Step 1
In Exchange System Manager go to Global Settings, right-click
on
Message Delivery and chose Properties
|
|
|
On the Recipient Filtering tab, select "Filter recipients who are
not in the Directory" then click OK
|
|
 |
Click OK to the warning message that pops-up - it's just saying
we need to perform a further step.
Step 2
Go to Servers - <SERVER NAME> - Protocols - SMTP
Right-click on Default SMTP Virtual Server and click
Properties
|
|
 |
On the General tab, click Advanced
Select the IP Address and then click Edit
|
|
 |
Select Apply Recipient Filter then click OK - OK - OK
|
|
 |
|
Finished!
^ Top of Page ^
Step-By-Step instructions of how to configure Recipient
Filtering in Exchange 2007 |
In Exchange 2007, the process of rejecting emails sent to invalid users is called
Recipient Validation and enabling this is made complicated, in Exchange 2007, by the way Microsoft has split the
functions of Exchange into different roles.
Recipient Validation is part of
the Anti-spam features that are present, by default, only on the server
performing the Edge Transport Role.
The problem is, if you only have one Exchange server in your company, as most people do, it will be performing
the Hub Transport, Client Access and Mailbox roles but not the Edge Transport
role as this has to be on a separate server. An Exchange email
system will work fine without the Edge Transport role.
The solution is to install the Anti-spam features on the Hub Transport role so we'll start by doing this.
If you do happen to have a separate Edge Transport server then skip ahead to the next section.
Step 1 - How to Install the Anti-spam Agents onto the Hub Transport Role
Open Exchange Management Shell and enter the command:-
cd "c:\Program Files\Microsoft\Exchange Server\Scripts"
This "changes directory" to the folder containing a Powershell script, provided by Microsoft, for installing
the Anti-spam features on the Hub Transport.
Type the following command to run this script:-
.\install-antispamagents.ps1
|
Copy and Paste the commands from this Webpage to avoid spelling mistakes.
To paste into the Exchange Management Shell use Right-click
+ Paste as Ctrl + V doesn't work |
 |
Close the Exchange Management Shell window and either reboot the server or
go to:-
Start - Run
and type:-
services.msc then click OK
Locate the service called Microsoft Exchange Transport, right-click on it
and select Restart
|
 |
Step 2 - How to Configure Recipient Validation
Open the Exchange Management Console and go to:-
Organization Configuration - Hub Transport and select the new
Anti-spam tab
Right-click on Recipient Filtering and select Properties
|
If you have a separate Edge
Transport server then you'll find the the Anti-spam tab under Edge Transport |
 |
Go to the Blocked Recipients tab and select:-
Block messages sent to recipients not in the Global Address List
|
|
Then click OK
|
|
|
|
3 - Disable the Other Anti-Spam Features
If you just installed the Anti-spam agents in Section 1 then, by default, some of these features will now be active.
Whether you enable or disable these other Anti-spam features is something you
need to think about carefully and perhaps experiment with a little.
Today's job
is to enable Recipient Filtering and not to reconfigure your whole anti-spam
system so we recommend that, for now, you disable all the other new features.
Right-click on each feature, in turn, (except Recipient Filtering!) and select Disable
|
|
 |
|
That's it!
^ Top of Page ^
|
If you prefer, you can, instead, email your comments to
support@arrowmail.co.uk
^ Top of Page ^
|
|
| |
© 2021 Arrowmail Ltd, a UK-registered company, number 4079706, registered VAT Number GB 895 0987 60
We welcome any comments about this website, good or bad. Send them to
webmaster@arrowmail.co.uk
|
|
