We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Email Security Gateway

Why is mail bypassing the Barracuda Spam Firewall and going directly to the mail server?

  • Type: Knowledgebase
  • Date changed: 3 years ago
Solution #00001684

Scope:
All Barracuda Spam Firewalls, all firmware versions.

Answer:
There are a few different reasons spammers will send email directly to your mail server, even after you install your Barracuda Spam Firewall.
  1. Spammers send to every MX record for your domain. This means that if you have your mail server listed as a lower-priority MX record (as a failover), spammers will send directly to the failover MX host as well. If you need redundancy, the best method is to use two Barracuda Spam Firewalls in a cluster (available for models 400 and above).
  2. DNS Caching. If your mail server has been removed from your MX records, some spamming servers may still have its address cached as a valid SMTP recipient. This means they may continue to send directly to your mail server.
  3. "Spam bots" may be port scanning random IP addresses, and if your mail server is open and accepting SMTP connections from the internet, they may begin spamming you.
To prevent this problem, create firewall rules that prevent outside communication to your mail server, or configure your mail server to reject all incoming mail connections (except from the Barracuda Spam Firewall, of course). If the Barracuda Spam Firewall is the only machine allowed to communicate with the mail server over SMTP, spammers will have no choice but to send through it.

Link to This Page:
https://campus.barracuda.com/solution/50160000000GTbyAAG