recipient valdation - ORF Forums

recipient valdation RSS Back to forum

1

hello everyone! We have the exchange 2010 + orf setup, and there's a question. A lot of spam like this passes through ORF - the email has, lets say, 10 recipients, but only 1 email is valid on our mailserver - but still, this message is recognized as non-spam and hits the "valid" recipient.

Is there a problem in recipient configuration?

Reply
by Alexandr Gromotkov more than 10 years ago
2

@Alexandr Gromotkov: The recipient validation feature stops emails sent to non-existent recipients only: just because an email has multiple recipients of which some are non-existent, it does not necessarily mean it's spam and should not be delivered to valid recipients, so such behavior of the recipient validation feature would block many legitimate emails. (Imagine a client of yours sending an email an Cc:-ing somebody who no longer works for your firm).

ORF has another test, which relies on recipient validation and does exactly what you need: the DHA protection test. This test will ban senders for X minutes who sent Y emails to non-existent addresses within Z minutes (all three values can be configured). By default, it will ban senders for 24 hours who send emails to 3 non-existent addresses within 3 hours, so false positives are unlikely to occur.

The test can be enabled and configured in the Administration Tool (Configuration / Tests / Tests and Configuration / Tests / DHA protection test pages).

Reply
by Krisztian Fekete (Vamsoft) more than 10 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2