This help section describes the Recipient Validation Test and related settings in ORF.
This test is for validating the recipients of the incoming emails. The list of valid recipients can be obtained by ORF from 3 sources:
Using this source, ORF looks up every recipient of the email in the Active Directory®. More information...
Note that this validation source is not available on Exchange 2013/2010/2007 Edge Transport Server (as Edge servers have no direct access to the AD), but 2013/2010/2007 will validate the recipients on protocol level like ORF would do, so this is usually not a problem. The only test which is affected by the above is the DHA Protection test: as it relies on the Recipient Validation feature of ORF, it cannot be used on Edge servers.
Recipients are checked in an ADO-compatible data source, e.g., a Microsoft® SQL Server® database. More information...
When the ORF Service starts, it loads a list of valid recipients from a local text file and checks every recipient in that list. The text file has to be in a specific format for this source. Learn more about format specifications in the Recipient Validation Source: Text File section.
Enable or disable the use of the Recipient Validation on the in the navigation.
Select the source of valid email addresses in the Validation Source group and click the Configure Selected button for editing the settings of the given source.
Use the exception list to exclude specific email address, domains or address patterns from the validation. This list comes handy when you provide filtered relay for a domain and your selected validation source has no information about the valid recipients of that domain.
If you relay for a large number of domains and you cannot validate recipients for these domains, but you still want to validate for your domain, you may find it easier to list the domains to be validated instead of the domains that ORF must not validate for.
You can use regular expressions for this. With the help of so-called negative lookahead expressions you can "invert" the expression as .+@(?!example\.org$). Multiple local domains can be listed as .+@(?!yourdomain1\.com$|yourdomain2\.com$|yourdomain2\.net$). This expression will match for every email address, except those which end with yourdomain1.com, yourdomain2.com and yourdomain2.net.
Note that due to this above behavior, you should have only this single expression on the exception list.