It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

End-of-Sale for Models 100 and 200

As of October 4th, 2020, all new sales for models 100 and 200 of the Barracuda Email Security Gateway have ceased. Renewals of software subscriptions are still available.

How to Configure MS Exchange to Reject Emails for Invalid Recipients

  • Last updated on
This article explains configuring Microsoft Exchange to reject emails for invalid recipients so that Barracuda Email Security Gateway will recognize the rejections. This applies to Barracuda Email Security Gateways in use with Exchange 2007/2010 or 2003 servers, all firmware versions.

MS Exchange 2007/2010

Follow this procedure to enable Microsoft Exchange Server 2007/2010 to allow emails for valid recipients only. This step is necessary to allow the Microsoft Exchange server to work with the SMTP verification feature of the Barracuda Email Security Gateway.

Recipient Verification is configured in the "Anti-Spam agents" module. The Anti-Spam agents are enabled by default on Edge Transport servers, but not Hub Transport servers. If you do not have an Edge Transport Exchange 2007 server, you can enable the Anti-Spam agents on a Hub Transport server. Please follow this link to a Microsoft knowledgebase article below if you need to enable the "Anti-Spam agents" module on your Exchange 2007 server:

Version:1.0 StartHTML:0000000167 EndHTML:0000008758 StartFragment:0000000487 EndFragment:0000008742

Once you have verified that the Anti-Spam agents are enabled, you can configure Microsoft Exchange to block mail addressed to recipients that don't exist in your organization. This feature is called Recipient Lookup, and can be enabled by following these steps:
  1.  Open the Exchange Management Console.
  2.  Expand Organization Configuration.
  3.  Click on Hub Transport.
  4.  Click the Anti-Spam Tab.
  5.  Double click Recipient Filtering.
  6.  Click the Blocked Recipients tab.
  7.  Check the first option, labeled Block messages sent to recipients not listed in the Global Address list.

When someone tries to send an email to a user that does not exist in your Active Directory domain, they will receive this error:

550 5.5.1 User unknown

The email will not be received by Microsoft Exchange server, since the error is given during the SMTP transmission. Then, assuming your domain has this Exchange server configured as its Destination Server, the Barracuda Email Security Gateway should begin to reject incoming mail addressed to invalid recipients at your domain.

MS Exchange 2003:

Follow this procedure to enable Microsoft Exchange Server 2003 to allow emails for valid recipients only. This step is necessary to allow the Microsoft Exchange 2003 server to work with the SMTP verification feature of the Barracuda Email Security Gateway. First, enable filtering for recipients which are not found in Active Directory.

  1.  Open Exchange System Manager > Global Settings, right-click on Message Delivery, and choose Properties.
  2.  Go to the Recipient Filtering tab.
  3.  Enable the option Filter recipients who are not in the Directory.
  4.  Click OK to close the window and save your changes.
Next, enable the recipient filter on the SMTP Virtual Server. This will only need to be enabled on the SMTP virtual server that is receiving emails from the Internet.
  1.  Open Exchange System Manager > Administrative Groups > (Administrative Group Name) > Servers > Protocols > SMTP.
  2.  Right-click on the SMTP Virtual Server and select Properties.
  3.  Go to the General tab click the Advanced... button.
  4.  Choose the IP binding that that is listening on the Internet. Click the Edit... button.
  5.  Enable the Apply Recipient Filter option.
  6.  Click OK through all the windows to save your changes.
When someone tries to send an email to a user that does not exist in your Active Directory domain, they will receive this error: 

550 5.5.1 User unknown

The email will not be received by Microsoft Exchange server, since the error is given during the SMTP transmission. Then, assuming your domain has this Exchange server configured as its Destination Server, the Email Security Gateway should begin to reject incoming mail addressed to invalid recipients at your domain.

Additional Notes:
Enabling LDAP/Active Directory verification will disable SMTP verification. This solution is not usually relevant when configuring LDAP/Active Directory verification. 

 

Last updated on