LDAP - Bounce or drop invalid recipients

Unanswered Question
Sep 17th, 2008

Which setting do you guys use?

Shortly after I got my Ironport about 2 years ago I dropped invalid recipients because I got so many of them and didn't want bounces going back to spammers are whoever else was sending them. OTOH sometimes we have real senders making spelling errors and not getting a bounce so they are unaware the recipient did not receive the email.

To bounce or drop, that is the question!

- Richard

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
angfeglandagan Thu, 09/18/2008 - 08:37

This can be done effectively on your LDAP -Accept and Group Query if you want to do it.


or on the listener interface configure it to accept only the LDAP-Accept query you created.


then create a policy using LDAP..
create a content filter that has an action to DROP dead mails once not on ldap.

IIAGDTRnSC Thu, 09/18/2008 - 13:41

I have it set up, but what I am asking is do you prefer to drop or bounce the invalid email addresses?

This can be done effectively on your LDAP -Accept and Group Query if you want to do it.
karlyoun Thu, 09/18/2008 - 16:19

Richard

If you change your listener settings to do the LDAP Accept Query during conversation, instead of workqueue, you get the best of both worlds, and better performance as a bonus.

The sending server gets a reject. If it's a real server, it will deliver a bounce message to the sender. A spamming server will ignore the reject and move on to the next address. Once it hits the DHAP limit, your IronPort will reject all connection attempts from that server for the next hour.

So, valid senders who mistype the recipient address get notified, you don't send bounces to spamming addresses, which are mostly forged.

The bonus is your appliance doesn't have to process all of the spam mail that would have been delivered to the bogus addresses.

-karl

Which setting do you guys use?

Shortly after I got my Ironport about 2 years ago I dropped invalid recipients because I got so many of them and didn't want bounces going back to spammers are whoever else was sending them. OTOH sometimes we have real senders making spelling errors and not getting a bounce so they are unaware the recipient did not receive the email.

To bounce or drop, that is the question!

- Richard
IIAGDTRnSC Thu, 09/18/2008 - 21:23

Thanks Karl, I've made that change and learned something new today!

- Richard




If you change your listener settings to do the LDAP Accept Query during conversation, instead of workqueue, you get the best of both worlds, and better performance as a bonus.

Actions

This Discussion