Exchange 2003 introduced a new facility to filter email messages if the email address doesn't exist in the Active Directory. This will stop spammers from sending messages to non-valid addresses. It can also be used by profilter to immediately detect email to non-existent users, thus keeping your quarantines smaller and minimising processing requirements.
The rejection is done at the SMTP level - so the email message isn't even delivered.
This feature would expose your server to "Directory Harvest" attacks, allowing spammers to find valid email addresses on your server - however because it is behind profilter, it is protected. No information on existence of users is made available to the originating system
Exchange 2000 and users on Windows 2000 with Exchange 2003
If you are using the older version of Windows or Exchange, then you should look at third party tools to do the same thing.
Vamsoft's ORF is one such product that can filter on the active directory.
Enabling the Option on Exchange 2003
To enable this option:
- Expand ESM, Message Delivery.
- Right click on "Message Delivery" and choose Properties.
- Click on the tab "Recipient Filtering".
- Enable the option "Filter Recipients who are not in the directory."
You then need to enable the Recipient Filter on the SMTP Server.
- Still in ESM, Expand Admin Groups, <your admin groups>, Server, <your server>, Protocols, SMTP.
- Right click on SMTP Virtual Server and choose Properties.
- Click on "Advanced" next to the IP address on the first tab.
- With the IP address selected, choose "Edit"
- Enable "Apply Recipient Filter".
- Click Apply/OK until clear.