Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 379
  • Last Modified:

LDAP quarry to exchange to determine valid email addresses

MY ISP does spam and virus filering for me then relays the email to my exchange 2003 server. This is working
great as it takes a load off my server.

They offer one more service. They can do a LDAP quarry to my network for valid emails
and if it is a valid user then the mail would be fowarded to me, otherwise would be dropped
at thier server.  This sounds great but how do I make it work. Exchange itself do not answer
LDAP quarries and I dont want to put a DC in the DMZ.

So can I setup a LDAP server service on a box that is visable to them and then use the firewall
so only they can quarry it?

Is this worth spending more time on trying to resolve?
The ISP feels that it very worth while and can prevent DOS attacks.

  • 3
  • 2
1 Solution
Check microsoft MIIS server that way you can put a copy of the directory in your dmz and you van disided when is the copy of the AD going to updated
this is a link that explaine more:
why go through all this trouble when exchange 2003 has a feature that will drop any
connection for a user that does not exist on ur Active Directory??
vppsitAuthor Commented:
is there any special setups required to make this work ?
Does that mean the exchange does not have to process the whole email to determine the
addressee does not exist on my system
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

no special step...and it only works on exchange 2003
go to ESM\global settings\message delivery\recipient filtering and check filter recipients
who are not in the directory....
now messages will be handles according to ur setup in the sender filtering section...
u can choose to drop the connection if u like....which i usually do ...without the NDR...
it is up tp u....
dont forget to restart exchange server after u make any changes....and u also make sure
to apply the filter in ur smtp virtual server.....
vppsitAuthor Commented:
Thanks for the info

I have made the changes . Is there a way to test if the quarry is done before
receiving the entire mail?

I also blocked email with blank senders.
well i am not sure if i have an answer for this question....but maybe diagnostic logging
if enabled may be able to show what happens when a message is recieved for a user that does not exist on ur AD...but since the option is to drop connection then i am sure
message is not accepted yet orelse there will ne no use to drop the connection....
now one more tip ....u should also block ur own domain from incomming....
under sender filtering add ur own domain ....some spammers use this technique.....

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now