We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Why is mail bypassing the Email Security Gateway and going directly to the mail server?

  • Type: Knowledgebase
  • Date changed: 10 months ago
Solution #00001684

Scope:
All Email Security Gateways, all firmware versions.

Answer:
There are a few different reasons spammers will send email directly to your mail server, even after you install your Email Security Gateway.
  1. Spammers send to every MX record for your domain. This means that if you have your mail server listed as a lower-priority MX record (as a failover), spammers will send directly to the failover MX host as well. If you need redundancy, the best method is to use two Email Security Gateways in a cluster (available for models 400 and above).
  2. DNS Caching. If your mail server has been removed from your MX records, some spamming servers may still have its address cached as a valid SMTP recipient. This means they may continue to send directly to your mail server.
  3. "Spam bots" may be port scanning random IP addresses, and if your mail server is open and accepting SMTP connections from the internet, they may begin spamming you.
To prevent this problem, create firewall rules that prevent outside communication to your mail server, or configure your mail server to reject all incoming mail connections (except from the Email Security Gateway, of course). If the Email Security Gateway is the only machine allowed to communicate with the mail server over SMTP, spammers will have no choice but to send through it.

Link to This Page:
https://campus.barracuda.com/solution/50160000000GTbyAAG