A Recipient Callout is a method of checking the validity of email recipients used in spam filtering and email security solutions. A Recipient Callout uses the recipient's email server to verify that the specified email recipient (Recipient) actually exists on the server and can accept email.
Here's how a Recipient Callout usually works:
If a message is addressed to a recipient not known to the target server, there is no reason to accept it. For this reason we first check whether the recipient's address exists on the target server. This is done automatically on the basis of a callout. Existing and non-existing recipient addresses are stored internally to minimize the number of callouts at the target server. We perform the callouts on SMTP level, as all mail server types are compatible with it. Therefore, an additional check of the user via LDAP is not necessary.
If the target server permanently rejects a message with a 5xx error for a specific recipient, the target address is marked as invalid and all messages for this recipient are rejected. This information is stored on our server for 2 hours. The stored callout information can be removed at any time via the menu item "Clear callout cache" in the web interface.
These are stored for up to 96 hours.
Our filter servers perform a so-called "null sender"callout as soon as a message is to be delivered. With such a callout, the filter server connects to the target server and performs a query with an empty sender field (like a bounce message does) and the corresponding recipient address. After the recipient has been checked, the connection is closed. Please make sure that the target server supports the recipient verification in this way.
In order to check whether the "catch-all"function has been enabled on the target server, a randomly generated address is used to check the servers first. Of course, it makes no sense to perform these callouts if the mail server accepts any mail, even if the recipient does not actually exist. The check result is stored on the filter servers in the same way as a normal check.