Recipient validation rejects uncached recipients with 550 response when LDAP source is unavailable
Last Updated September 19, 2016
When Messaging Gateway (SMG) is configured to perform recipient validation for inbound messages but the LDAP data source is unavailable due to either a network outage or the LDAP / Active Directory host being offline, SMG will respond with a 550 level response code for all recipients once attempts to validate a recipient which is not already cached and fails to connect to the LDAP server. This behavior conflicts with the product documentation which states on page 575:
If the directory data service cannot properly communicate with the LDAP directory server (for example, if the network link to the LDAP server is down) when it attempts to determine the validity of a message recipient, the MTA returns an error indicating that the delivery attempt should be retried later.
220 smgmx.2k8domain.test ESMTP Symantec Messaging Gateway HELO 192.168.2.6 250 2.0.0 smgmx.2k8domain.test says HELO to 192.168.2.103:51323 MAIL FROM: <email@example.com> 250 2.0.0 MAIL FROM accepted RCPT TO: <firstname.lastname@example.org> 550 5.1.1 Recipient address rejected: User unknown
Messaging Gateway 10.6.1
This issue has been addressed with the SMG 10.6.2 release. Message delivery is now deferred with a 4xx level response code for recipient addresses in domains with recipient validation enabled when the directory data source is unavailable.
Please see the Messaging Gateway Administration Guide for detailed instructions on how to update the SMG software.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe