A regularly configured Exchange server should automatically reject messages to non-existent email addresses.
However, an incorrectly configured server may also accept messages to non-existent users, because Exchange first accepts the incoming message and only then decides whether to reject or accept it. If the message is rejected, the Exchange creates its own non-deliverability report and attempts to return it to the sender. This unnecessarily consumes resources, which can be avoided with the following measures. The following changes allow EuropeanMX to perform a recipient callout on your mail server to verify that a recipient is actually existing. Messages to non-existent recipients will be automatically rejected by EuropeanMX.
No changes are necessary for Exchange 2003. Recipients should be easily verified and incoming messages delivered.
Recipient verification can be easily enabled or disabled from the Exchange 2007 management console or from the management shell.
English
Deutsch
Arabic
Armenian
Bosnian
Bulgarian
Croatian
Czech
Danish
Dutch
Estonian
Finnish
French
Georgian
Greek
Italian
Latvian
Lithuanian
Luxembourgish
Macedonian
Norwegian
Polish
Portuguese
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Turkish
Ukrainian
Set-RecipientFilterConfig -Enabled $trueSet-RecipientFilterConfig -Enabled $falseRecipient verification can be easily enabled or disabled from the Exchange management console or from the management shell. First, make sure that you are not using the Edge Transport Server standalone installation, which does not have anti-spam functionality installed. In order to enable it, please use the knowledgebase article from Microsoft (https://docs.microsoft.com/en-us/previous-versions/office/exchange-server-2010/bb201691(v=exchg.141)).
Set-SenderFilterConfig -Enabled $trueSet-SenderFilterConfig -Enabled $false
For more information, please visit the Microsoft's Knowledgebase for Exchange 2010 (https://docs.microsoft.com/en-us/previous-versions/office/exchange-server-2010/bb124087(v=exchg.141)).
For Exchange 2013, Microsoft has changed the way Recipient Callouts are handled. DATA checks are now performed, which means that the server returns the status "250 OK" for messages to invalid recipients, even if recipient validation is enabled, and thus does not give us the opportunity to check a recipient address for validity.
However, this behavior can be prevented with the following workaround. By default, a second port (2525) is opened when installing Exchange 2013. If you now enable the "Anonymous Users" option on the default hub transport, it is possible to use port 2525 for a proper recipient validation.
Please note that this setup has only been verified in a closed test environment and may need to be tested before use in a Live Setup.
Get-TransportAgent& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1Get-AcceptedDomain | Format-List Name,AddressBookEnabled
Set-AcceptedDomain example.com -AddressBookEnabled $true
Set-RecipientFilterConfig -RecipientValidationEnabled $trueHELO example.comMAIL From:RCPT To:
In order to set up recipient validation in Office 365, Exchange Online Protection must be enabled on the server and you must have a global administrator or an Exchange Company administrator account.
The Directory Based Edge Blocking (DBEB) feature of Office365 allows you to reject messages to non-existent recipients. To enable the feature, please follow these steps:
EAC > Mail Flow > Accepted Domains, then clicking on "Edit" and then checking that the domain type is set to "Internal Relay". If not, change the option and save the change.EAC > Mail Flow > Accepted Domains and set it to "Authoritative". After clicking "Save", please confirm that you want to use "Directory Based Edge Blocking".For more information, please visit the knowledgebase article from Microsoft (https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-directory-based-edge-blocking)