Setting up Recipient Verification
Since the release of Microsoft Exchange 2003 there has been support for recipient filtering. This allows SpamTitan query the Microsoft Exchange Active Directory to see if the recipient of an email has a valid mailbox. The process is done using SMTP (Simple Mail Transport Protocol) where SpamTitan sends the Exchange Server the “To” address of an incoming email, which is called an “address probe”. If the user has a valid mailbox then SpamTitan will continue to process the email for spam, if not the email is rejected a bounce mail is sent to the sender. Microsoft Exchange 2003 employs “tar pitting” which means simply that it delays the response to an “address probe” by so many seconds to defeat any automated directory harvesting.
Employing Recipient Verification has three main advantages
- Reduces the load on your SpamTitan server as it will only process mail for valid recipients.
- Produces a more accurate license count as there is no mail delivered to non-existing users.
- If a customer or valued partner is sending you email but mis-type your email address they will get an instant response telling the email can’t be delivered. (An excellent article detailing the of setting up Recipient Filter on Exchange Server can be found here)
Once you have done this select “Dynamic Recipient Verification” for your domain on SpamTitan.
If your mail server supports “recipient filtering” as most do it is a better alternative to LDAP verification and much easier to configure.