How to implement recipient filtering

Recipient filtering is a crucial part of modern e-mail filtering. All edge (fronting) mail gateways should be aware of all e-mail accounts inside the organization in order to prevent backscatter. That is not to say that you should not prevent dictionary harvesting attacks (if that is important to protect your users). Backscatter occurs when messages to unknown recipients aren't rejected at the edge server, so bounces (DSNs) have to be generated on the backend server. This results in "unnecessary" DSN messages being sent, and you may also end up sending DSN spam.

A few common methods of implementing recipient filtering in Halon are:

  • Forwarding SMTP lookup (that is, for every recipient, verify that the recipient is available on the next server)
  • Verify the recipient by using LDAP (common for MS Exchange)
  • API lookup using e.g. HTTP to verify recipients
  • Manually synchronizing a recipient list (should be the last resort)
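
The first method in the list, a forwarding SMTP lookup, sketched in Python as an added example (this is not Halon's own script language or built-in function). The helper names, the HELO name `edge.example.test` and the 300-second cache lifetime are assumptions made for the illustration.

```python
import smtplib
import time

CACHE_TTL = 300   # seconds a definite answer is reused (assumed value)
_cache = {}       # recipient -> (decision, expiry timestamp)

def smtp_probe(rcpt, host, port=25, helo="edge.example.test"):
    """Ask the next-hop server about rcpt; return the RCPT TO reply code."""
    with smtplib.SMTP(host, port, timeout=10) as s:
        s.ehlo(helo)
        code, msg = s.mail("")   # null sender <>, so the probe cannot bounce
        if code != 250:
            # The backend refused the probe itself; that says nothing
            # about the recipient, so surface it as an error.
            raise smtplib.SMTPResponseException(code, msg)
        code, _ = s.rcpt(rcpt)
        return code              # leaving the block sends QUIT; no DATA is sent

def decide(code):
    """Map the backend's RCPT reply to the action taken at the edge."""
    if 200 <= code < 300:
        return "accept"
    if 500 <= code < 600:
        return "reject"          # rejected in-session, so no DSN is generated
    return "defer"               # 4xx: the sending server retries later

def check_recipient(rcpt, probe, now=time.time):
    """Decide accept/reject/defer for rcpt; probe(rcpt) returns a reply code."""
    hit = _cache.get(rcpt)
    if hit and hit[1] > now():
        return hit[0]
    try:
        decision = decide(probe(rcpt))
    except (OSError, smtplib.SMTPException):
        # Backend unreachable: never turn an outage into permanent
        # rejections of valid users.
        decision = "defer"
    if decision != "defer":      # cache only definite answers
        _cache[rcpt] = (decision, now() + CACHE_TTL)
    return decision
```

In use, `probe` would be something like `lambda r: smtp_probe(r, "backend.example.test")`, with the hostname standing in for your next-hop server.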