It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud-to-Cloud Backup

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

RMM (Managed Workplace)

Managed PhishLine

Intronis Backup

MSP Knowledgebase

MSP – Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

TechSummit 2019

Support Services

Network Security

Barracuda Email Security Gateway

Overview Documentation Training Certification Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud-to-Cloud Backup

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

RMM (Managed Workplace)

Managed PhishLine

Intronis Backup

MSP Knowledgebase

MSP – Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

TechSummit 2019

Support Services

Network Security

Login Sign Up Contact & Support

United States – English (GMT-5)

Back to Knowledgebase

Why is mail bypassing the Email Security Gateway and going directly to the mail server?

Type: Knowledgebase
Date changed: 2 years ago

Solution #00001684

Scope:
All Email Security Gateways, all firmware versions.

Answer:
There are a few different reasons spammers will send email directly to your mail server, even after you install your Email Security Gateway.

Spammers send to every MX record for your domain. This means that if you have your mail server listed as a lower-priority MX record (as a failover), spammers will send directly to the failover MX host as well. If you need redundancy, the best method is to use two Email Security Gateways in a cluster (available for models 400 and above).
DNS Caching. If your mail server has been removed from your MX records, some spamming servers may still have its address cached as a valid SMTP recipient. This means they may continue to send directly to your mail server.
"Spam bots" may be port scanning random IP addresses, and if your mail server is open and accepting SMTP connections from the internet, they may begin spamming you.

To prevent this problem, create firewall rules that prevent outside communication to your mail server, or configure your mail server to reject all incoming mail connections (except from the Email Security Gateway, of course). If the Email Security Gateway is the only machine allowed to communicate with the mail server over SMTP, spammers will have no choice but to send through it.

Link to This Page:
https://campus.barracuda.com/solution/50160000000GTbyAAG

Additional Resources

More

Print Share Page