none
Recipient verification on Exchange 2013 SP1 RRS feed

  • Question

  • Hello,

    we use 3rd party tool for antispam and I'm unable to configure recipient verification on Exchange 2013 with SP1.

    Basically i have done all steps described in article http://technet.microsoft.com/en-us/library/bb125187.aspx and still i am able to send mail to non existent users (Exchange sends NDR)

    My recipient filter config looks like this:

    RunspaceId                 : a4ec4d9b-a68d-43e2-beb9-c397505d1321
    Name                       : RecipientFilterConfig
    BlockedRecipients          : {}
    RecipientValidationEnabled : True
    BlockListEnabled           : True
    Enabled                    : True
    ExternalMailEnabled        : True
    InternalMailEnabled        : True
    AdminDisplayName           :
    ExchangeVersion            : 0.1 (8.0.535.0)
    DistinguishedName          : CN=RecipientFilterConfig,CN=Message Hygiene,CN=Transport
                                 Settings,CN=secureemail,CN=Microsoft
                                 Exchange,CN=Services,CN=Configuration,DC=domain,DC=priv
    Identity                   : RecipientFilterConfig
    Guid                       : d34e78fa-bc92-44db-80bb-85e300135422
    ObjectCategory             : domain.priv/Configuration/Schema/ms-Exch-Message-Hygiene-Recipient-Filter-Config
    ObjectClass                : {top, msExchAgent, msExchMessageHygieneRecipientFilterConfig}
    WhenChanged                : 30/04/2014 10:29:43 AM
    WhenCreated                : 01/10/2011 12:34:08 PM
    WhenChangedUTC             : 30/04/2014 2:29:43 PM
    WhenCreatedUTC             : 01/10/2011 4:34:08 PM
    OrganizationId             :
    OriginatingServer          : server01.domain.priv
    IsValid                    : True
    ObjectState                : Unchanged

    I have allowed anonymous connection on default connector.

    Also, transport agent is enabled.

    My problem is that mail gets in queue even i don't wanna this to happen.

    Any advice is more then welcome.

    Thanks,

    Ivica

    Wednesday, April 30, 2014 4:33 PM

Answers

All replies

  • Are you talking about an Edge Transport server?

    Do you have Edge Synchronization properly configured?

    Please explain exactly what you're trying to do, not just the result of what you've done.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Friday, May 2, 2014 2:40 AM
    Moderator
  • Hello Ed,

    Thanks for your response. 

    No, we are trying to use all in one server (CAS and MBX role together). 

    In front of Exchange there is Spamtitan antispam solution for filtering mails. 

    I need to make sure Exchange does recipient verification, and decline any messages. 

    That will keep our license count number correct, and make less load on our Exchange server. 

    This is the solution we are trying to implement http://helpdesk.spamtitan.com/support/articles/4000003763-dynamic-recipient-verification-using-exchange 

    However, i'm trying to make stuff work and only test it via telnet and my mail gets queued,  but per my understanding it should be after DATA: REcipient unknown.

    Regards,

    Ivica

    Friday, May 2, 2014 8:53 AM
  • I've only seen this feature used with Edge Transport.  Recipient filtering applies to mail sent from outside Exchange via SMTP.  It has nothing to do with licensing and I can't see that it's at all useful for managing your licensing.

    Please post the cmdlet you are entering to set up recipient filtering.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Friday, May 2, 2014 3:30 PM
    Moderator
  • Hello,

    well, we don't use Edge transport, we use 3rd party tool.

    here is link from them:

    http://helpdesk.spamtitan.com/support/articles/95349-recipient

    important part:

    "Once Recipient Filtering is enabled log on to the SpamTitan web interface. Browse to System Setup->Mail Relay->Domains.  Edit a domain and select "Dynamic Verification" and enter your mail server IP as the Verification Server.

    This will allow SpamTitan to verify the recipient addresses of all incoming mail.  Any mail addresses to invalid addresses will be dropped.  This will aid the spam block rate and keep your daily license usage count accurate."

    But here is not issue with Spamtitan, it is with Exchange itself because i try to make it work via telnet session. 

    I'm using scripts:

    Set-RecipientFilterConfig -Enabled $true

    Set-RecipientFilterConfig -BlockListEnabled $true

    Set-RecipientFilterConfig -RecipientValidationEnabled $true

    Friday, May 2, 2014 7:54 PM
  • If SpamTitan has the capability to do recipient filtering, that is the place you ought to do it.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Saturday, May 3, 2014 2:07 AM
    Moderator
  • Saturday, May 10, 2014 3:01 PM
    Moderator
  • Hello Ivica,

    don´t know if the problem still exists but i had exact the same configuration/problem with Exchange 2013 and SpamTitan. 

    Now i got the recipient verification up and running as it should.

    Regards,

    Jens

    Tuesday, September 23, 2014 12:23 PM
  • Hi Jens ,

    can you share how you got it to work ?

    Friday, November 14, 2014 10:02 AM
  • Hello Bruno,

    following steps from Mike Crowley helped me, so probably it will help to you :)

    It should work and doesn't require an ET server.  See here to make sure you've configured it right: 


    Also, you would go and if use Exchange 2013 use this guide, they updated it:

    http://helpdesk.spamtitan.com/support/solutions/articles/4000003763-dynamic-recipient-verification-using-exchange-2013

    Regards,

    Ivica

    Friday, November 14, 2014 10:13 AM