By default, when an email message arrives addressed to your domain that is not addressed to a valid user, Symantec Messaging Gateway passes the message to the internal mail server. The internal mail server may either accept the message and generate a bounce message, or the internal mail server may reject the message. Upon receiving the bounce message, a legitimate sender can resend the original message with the correct address. However, messages with invalid recipients can also result from a spammer's directory harvest attack.
The Remove unresolved recipients action on the Directory Harvest Attacks page only removes unresolved recipients when a directory harvest attack occurs. You can combine this action with your invalid recipient handling setting or enable the two settings individually.
You can configure Symantec Messaging Gateway to accept, reject, or drop any messages that are sent to invalid recipients, as follows:
If you choose to accept all recipients, Symantec Messaging Gateway accepts all messages, whether or not the recipients are valid. However, if the internal mail server rejects a recipient, Symantec Messaging Gateway sends a bounce message. The internal mail server may also send bounce messages if it is configured to send them.
If you choose to reject invalid recipients, Symantec Messaging Gateway rejects any messages that are addressed to email addresses that do not exist in your LDAP directory. The sending MTA may generate a bounce message to the sender. You must have a data source configured for recipient validation. Recipients are rejected at the initial SMTP conversation with a 5xx SMTP error.
If you choose to drop invalid recipients, Symantec Messaging Gateway drops from the mail stream any messages that are addressed to email addresses that do not exist in your LDAP directory. No bounce messages are returned to the sender. You must have a data source configured for recipient validation.
If you choose to reject or drop invalid recipients, Symantec Messaging Gateway applies your choice to each local domain that you configure to enable recipient validation. If you do not enable recipient validation for any local domains, no messages are dropped or rejected.
Dropping messages for invalid recipients is an extreme measure. Enabling this feature may prevent diagnosis of serious problems with your email configuration. Only enable this feature after you are sure that your email system is stable. Also, if enabled, accidentally mis-addressed messages are dropped, and no bounce messages are sent. You can instead reject invalid recipients, which allows the sending MTA to generate a bounce message if so configured.