Problem:

Messages from the Internet that are passed by your EMF server and are addressed to invalid recipients are usually bounced by your internal mail server, ie, a non-delivery report (NDR) will normally be generated. The NDR will be addressed to the original message sender. When the original message sender is a non-existent spammer domain, and the NDR is routed back out through EMF, the NDR will stay in the EMF Retry queue according to your retry intervals defined in the EMF UI, and then be moved to the Dead Letter queue. Finally, it will age out of the Dead Letter queue.

Resolution:

The negative points about undeliverable mail sitting in the Retry queue are:

• There are some EMF CPU cycles burned retrying the messages.
  
  
• Database space to hold the messages.

It is otherwise not harmful to let the messages age out of Retry, and then out of Dead Letter. These negative points were considered acceptable in the EMF pre-spam days, when EMF was designed.

Today, Directory Harvesting Attacks (DHA) are common place, where spammers send messages into your organization, trying to guess valid recipients. Checking that all recipients on inbound messages are legitimate is called Recipient Verification (RV), and has become in many cases an essential anti-spam approach. This check is normally done with an LDAP lookup. Axway recipient verification options:

• Implement recipient verification at the perimeter, eg, in the MailGate Edge relay. MailGate is the newer Axway email filter offering, and its Edge module (separately licensable) is specifically designed to counter DHA (and Denial-of-Service) attacks.
  
  
• Implement recipient verification in EMF, and do not sent out NDRs. EMF supports recipient verification via on-the-fly LDAP lookups by an EMF policy. The offending emails can then be dropped, and would not go through to your internal mail server and generate an NDR.

Many EMF customers have introduced an MailGate Edge system onto their perimeter, cutting mail volume into their organization by 80% or more.

One advantage of MailGate RV vs. EMF RV is that MailGate RV is performed in the MailGate relay service. If the recipient is not legitimate, an SMTP 550 error is given to the sender immediately. Hence, if the sender happens to be legitimate, and mis-typed the recipient address, the sender will know. In EMF, which is older technology than MailGate, the RV check is done in the policy engine, after acceptance by the relay service, and no such 550 error is available.

Additional Information:

If you are a current EMF customer, and interested in MailGate, please contact your Axway Sales Representative, or Axway Technical Support. Axway provides special incentives for current EMF customers moving to MailGate.