Solved

Exchange Server 2003 on SBS 2003

Posted on 2014-11-23
6
162 Views
Last Modified: 2014-11-24
I am running Exchange Server 2003 on SBS 2003. Is there a way to have the server reject email sent to email addresses that are not real or active on my server?

I have seen many time reply's that state the user is not available on this domain, etc., I would like to get mine to do the same.

Thanks
0
Comment
Question by:sschlundt
  • 4
  • 2
6 Comments
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 40460654
Enable recipient filtering on Exchange. If I remember correctly, by default the server will generate the appropriate NDR for non-existent users.
0
 

Author Comment

by:sschlundt
ID: 40460688
Cab you tell me where/how to do this? I have search through the exchange server admin setting and can't find it.
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 40460715
In the left pane of ESM, just below the organisation name, click on Global Settings. In the right pane, right-click on Message Delivery and choose Properties. Click on the Recipient Filtering tab and tick the box labelled "Filter recipients who are not in the Directory". Click Apply and OK, and OK your way back out.

Restart the Exchange services and you should be good to go.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 15

Accepted Solution

by:
Perarduaadastra earned 500 total points
ID: 40460735
Whoops, missed out a step...

After enabling recipient filtering in Message Delivery, still in ESM, expand Admin Groups -> Server (your server name) -> Protocols -> SMTP. Right click on SMTP Virtual Server and choose Properties. Under the General tab click the "Advanced" button next to the IP address. Click the Edit button and tick the Apply Recipient Filter check box. Click OK, and OK and Apply your way back out.

This will produce the results you are after.

However, be aware that these changes will make you vulnerable to directory harvest attacks, so Microsoft introduced a hotfix (now a part of Service Pack1) to enable a feature called tarpitting. This slows down the the server's response to such attacks to the point that such attacks take so long to execute that they aren't worth attempting.

Assuming that you have SP1 on your server, open Notepad and type in the following:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMTPSVC\Parameters]
"TarpitTime"=dword:00000005

This will make the server wait for five seconds between each harvest attack request. Save the file as tarpit.reg; change the file type in Notepad to All Types to enable you to do this. Tarpit.reg.txt won't work!

Double-click on the file to import it into the registry.

Finally, restart the SMTP server service to activate the changes.
0
 

Author Closing Comment

by:sschlundt
ID: 40461100
Fast response and attention to detail. Great response. Thank you
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 40461565
My pleasure.
0

Featured Post

ScreenConnect 6.0 Free Trial

Explore all the enhancements in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Mail to Outlook 2016 7 92
Outlook Search Results limited to 1000 13 436
Disable Exchange 2016 Internal Relay 9 183
Dynamics CRM - Changes to automatic email times 5 38
If you are anything like me, you install many apps on your phone and have your life on it, sometimes literally.  When I bought my current phone, a Samsung Galaxy S5 from Verizon, they were only selling the versions with 16 GB internal.  I didn't rea…
I tend toward trying the newest hardware and software.  Thiss sometimes works out to my benefit, and sometimes not.  Because I downloaded and installed Android 5.x (http://www.experts-exchange.com/articles/18084/Upgrading-to-Android-5-0-Lollipop.htm…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question