This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Recipient Verification with Exchange 2013

Using callout doesn't work anymore. As mentioned here

exchange 2013 recipient filtering

the recipient filter works different as in Ex2010:

I have also noticed that Recipientfiltering doesn't work exactly the same way as in EX07/EX10.
When enabled, you should get an 550 5.1.1 User unknown after the ending period (see below)


mail from:
250 2.1.0 Sender OK
rcpt to:
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
Write some Text Here
.
550 5.1.1 User unknown


Is this a known issue for development?


This thread was automatically locked due to age.
Parents
  • After some further research I would recommend to use "In Active Directory" for verification. Setup another HubTransport connector isn't as simple as expected because the "Frontend Transport Service" will always be in front of any "Transport Service" connector. Perhaps you can get it done with an additional IP at the EX server. Here is an interesting picture for the mail flow:

    Exchange 2013 Mail Flow Demystified

    Tobias
  • unfortunately AD checking is iffy at best. i just enabled it in one of the utms i manage and it started bouncing everything with "Address not present in directory",

    the AD server was setup correctly and tests ok.

    i can't set any DN as the recipients are scattered all over different OUs

    i had to go back to callout(non functional)

  • Mast, what does Support say about this - do they acknowledge a bug not documented in the KIL?  I assume you and the others checked ID24065 and followed those workarounds.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Strange, my AD is working fine. It only bounces the correct recipients ie the ones not in AD and my base is DC=mydomain; DC=com

Reply Children
  • Louis, are your users in multiple OUs?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Yes they are and that caught me out in the beginning too.

    I was told that everybody was in the same OU and configured the base OU as such. Everybody got email but certain groups (outside of the base OU) got rejected.

    I then set the base OU as DC=mydomain; DC=com and everything works.

    The majority of the time, the spam filter kicks it out for RBL's etc as expected. But if the mail does get past, everybody gets the mail they should and the odd attempt says "recipient not in directory" which is 100% correct in my case. So it's definitely working on my SG 310's on 9.4