Hello, working with a client that is getting a ton of NDR's from spammers using their domain, typical case. Setup SPF records, verified email was definitely not coming from systems in their domain.
The Ironport was previously configured by someone else, so not sure as to why some things are configured as they. I do not have continuous access to this system to get logs, configuration, etc to post. My questions are pretty generic though, so hope somone can assist.
1, Bounce Verication was set to reject, however there was not a key configured to use for this. Am I correct in thinking that since there is no key/tag configured, Ironport has nothing to consider upon receiving these, so just allows all?
Since it is enabled, with the setting to reject, shouldn't all NDR's be rejected, or because there is nothing to validate a tag, it defaults to allow all?
2. What is the best way to actually see that in fact the outgoing messages are adding the tag in the return path? When I look at emails on a client, such as Outlook and look at the headers for messages from the ironport, this information does not show.
Is it stripped by the mail server as the message traverses, so the end client will not even see this information?
Or is this info correct and the Ironport isn't even adding the prvs?
How best can I verify this is in fact working as it should?
Thank you for any input!
To clarify, I did configure the tagging key and applied to the config. It was not configured prior to, pertaining to question 2. Thanks!