Filter Email for Unknown Users
On this Page
- Anti-Spam Controls Installation
- Enable Recipient Filtering
- Tar Pit
Other Versions of Exchange
This article is available for other versions of Exchange:
Being able to filter out email for non-existent users is a key configuration for modern email servers. This can have a significant effect on the amount of email that the server has to process and ensures that you are not a cause of backscatter, which can lead to the server being blacklisted.
The rejection is done at the SMTP level - so the email message isn't even delivered. If valid senders misspell an email address then they will get a bounce message immediately - indicating that the message has been rejected.
The ability for Exchange 2010 to drop email for unknown recipients is available as part of the anti-spam functionality, but this is only installed by default on the Edge Server role and on SBS servers. For a deployment without an Edge server you need to install the anti-spam agents manually on the Hub Transport servers. If you are using multiple hub transport servers then they need to be installed on everyone that is internet facing. This is done by using a PowerShell script supplied with the server.
Anti-spam Controls Installation.
- In The Exchange Management Shell, change to the following directory (presuming default installation location) C:\Program Files\Microsoft\Exchange Server\Scripts
- Use tab to select install-AntispamAgents.ps1 and press enter.
- Once it has completed, restart the Microsoft Exchange Transport Service, then restart the Exchange Management Console and go in to Organisation Configuration, Hub Transport and select the Anti-spam tab.
Enable Recipient Filtering.
- All of the anti-spam options are enabled by default. For now, disable them all except for recipient filtering.
- Go in the the properties of recipient filtering and enable the option "Block messages sent to recipients not in the global address list" on the Blocked Recipients list. Apply/OK out.
- Restart the Microsoft Exchange Transport Service again.
With Exchange 2003 you needed to enable the tar pit to protect against directory harvest attacks. That is not required with Exchange 2007 and higher as tar pit is enabled by default.