Jump to content

EMSX - Drop emails that are sent to addresses that dont exist


Recommended Posts

Hi All,

A customer of mine has Exchange Mail Security 6.4 installed and integrated with Exchange 2010.

Spammers keep sending emails to addresses that do not exist in the Exchange environment...this is causing the Exchange server to send NDR's back. From what I understand, this is considered a reverse NDR attack.

How can I configure Exchange Mail security to just drop emails that are going to addresses that do not exist in Exchange? 

I understand within the Exchange Management Console, there is a way of filtering recipients and blocking emails going to addresses that do not exist in the directory. Is there a way of setting this up within ESET Mail Security?

Edited by wolflord
Link to comment
Share on other sites

  • ESET Staff

Hi wolflord,

You can use mail transport rules to achieve this, e.g.:

Conditions:
Internal message - False
Recipient validation result - is - Contains invalid recipients
Recipient validation result - is not - Contains valid recipients

Actions:
Log to events/Drop/Reject


I suggest to do some testing with "Log to events" or "Reject message" action for some time and check logs if the rule works correctly.

NOTE: Drop message action has one disadvantage - if a sender makes a typo in the email address, even a valid mail will be dropped (e.g. john.doe@mydomain.com vs. jonh.doe@mydomain.com)

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...