6 – Recipient Verification

Introduction

It’s a widely suggested best practice to reject mail addressed to non existent recipients at the gateway level.
This will aid the spam block rate and keep your license usage count accurate.
In this section we will describe how to configure recipient verification on our Libra Esva gateway.

 

Libra Esva supports two different types of recipient verification:

 

  • Dynamic Verification
  • Valid Recipient List Verification

 

Dynamic Verification

Dynamic Verification is the easiest form of Recipient Verification to use and manage. To use Dynamic Verification Method it is required that your mail server rejects mail addressed to invalid addresses (Recipient Filtering) through the SMTP RCPT TO command. If the server accepts the request (required code 250, 251, or 252), it may provide information about the address in a server-defined format and Libra Esva can then use your mail server to verify if a recipient specified on an incoming mail is valid or not.
Each email server has it’s own documentation about how to enable this feature. See the links below for guides of commonly used mail server software:

 

Microsoft Exchange 2007:
http://technet.microsoft.com/en-us/library/aa998898%28EXCHG.80%29.aspx

 

Microsoft Exchange 2010:
http://technet.microsoft.com/en-us/library/bb125187.aspx

 

If you are using a default standalone (no Edge Transport Server) installation of 2010 the Anti-Spam functionality is not installed. Therefore you need to follow this article:

 

http://technet.microsoft.com/en-us/library/bb201691.aspx

 

IBM Lotus Domino:

http://www-01.ibm.com/support/knowledgecenter/SSKTMJ_8.0.1/com.ibm.help.domino.admin.doc/DOC/H_RESTRICTING_WHO_CAN_RECEIVE_MAIL_FROM_THE_INTERNET_STEPS.html?lang=en

 

Postfix MTA:

http://www.postfix.org/ADDRESS_VERIFICATION_README.html

 

Once you have configured your server, login to Libra Esva and select menù:

System->Relay Configuration->Domain Relay

Edit a domain and select “Dynamic Verification”. You can configure different policies for different domains.

dynamic verification

 

Valid Recipient List Verification

Even though it requires a more complex configuration, this method is more efficient and reliable than the above Dynamic Verification as the valid address check is completely done versus a local cached list without an online connection to any other server.

 

The Valid Recipient List is available under menù System->Valid Recipient Verification.

 

valid recipient list

 

This list of valid email addresses, can be populated in three different ways:

 

  • Manually: by adding each accepted address one by one
  • Text Import: from a text file import
  • LDAP Import: via an LDAP Server Connection

 

The first method is convenient only for a very small deployment with a few static email addresses.

 

The second one is suitable in case you have a static email address list to import once; any update is manual.

 

The third one is the more advanced and allows synchronization between local valid recipient list and an LDAP server, like Exchange, Domino, Zimbra, etc.

 

Once you have populated your list apply it to your domain by selecting menù:

 

System->Relay Configuration->Domain Relay

 

Edit a domain and select “Valid Recipient List”.

 

valid recipient list 2

 

NOTE: Remember to populate your Valid Recipient List BEFORE configuring and applying it to your domain, or all received emails will be rejected until you populated the valid recipient list!