Configuring Recipient Filtering

Exchange 2003 also supports recipient filtering. Therefore, you can filter e-mail messages that are addressed to users who are not in Active Directory, or e-mail messages that are addressed to recipients who are frequently targeted by distributors of unsolicited commercial e-mail messages.

You can use recipient filtering to filter messages that a sender sends to any e-mail address, existent or non-existent, in your organization. If a message is sent to any of the specified recipients, Exchange returns a 500-level error during the SMTP session.

By default, Exchange accepts mail addressed to any recipient (invalid or valid), and then Exchange sends NDRs for all invalid recipients. Typically, unsolicited commercial e-mail is sent from invalid addresses. Therefore, Exchange retries delivery of NDRs to non-existent senders and thereby wastes more resources. Enabling recipient filtering prevents Exchange from wasting resources in this way because you can filter e-mail that is sent to invalid recipients.

You can use recipient filtering to reject mail that a sender sends to invalid recipients (recipients that do not exist in Active Directory). However, doing so potentially allows malicious senders to discover valid e-mail addresses. The SMTP virtual server issues different responses for valid and invalid recipients. By comparing the responses issued by the SMTP virtual server for valid and invalid recipients, malicious users can identify valid e-mail addresses in your organization.

For detailed instructions on configuring recipient filtering, see How to Add a Recipient to the Recipient Filtering List.