I searched this forum for DHAP related issues, but can't seem to find an answer to my question. We have a C100 and have DHAP enabled. The typical setting for a mail policy is about 10 invalid recipients, and a 5xx "Too many recipients for this hour" is returned.
For the past week, we've been getting so much invalid from recipeints from google.com, rr.com, and yahoo.com (domains that typically don't do this to us) that we've gone up to over 50% of our daily volume is invalid recipient. Typically this is somewhere around 2% to 7% on a daily basis.
My main concern is how does this affect the performance of the ironport? So far, the cpu usage/queue is looks ok. After the DHAP threshold is met, does the c100 silently drop the connection or does it always send the 5xx response?
I understand that the DHAP counter gets resets at the beginning of every hour. Does this mean that once google.com reaches the DHAP threshold that the entire domain is denied until the next hour when the counter resets or is the DHAP counter set specifically for servers and only the servers get denied?
I've read in some posts to change the 5xx response to 4xx - how does this affect the ironport and the mail servers who got blocked for the hour? Does this mean that the servers will simply keep trying over and over again later? How does this make the situation better?
Thank you in advance for any input.