User mailbox e-Discovery vs MS Exchange accepting email for non-existent users

Greetings keepers of the IT underworld,

Our increasingly popular User Auto-Discovery feature seems to be causing some confusion regarding mailboxes being created for non-existent users. The reason for this is that your beloved Exchange servers will accept mail for every- & anyone at your domain name. But there is a solution, Recipient Filtering.

Here’s how to do it.

If you are using an Exchange Edge server follow these guidelines for:
Exchange 2010 > Configure Recipient Filtering Properties: Exchange 2010 Help | Microsoft Learn
Exchange 2007 > Configuring Recipient Filtering: Exchange 2007 Help | Microsoft Learn

If you are using a standalone Exchange server (I think the same method applies for 2007 & 2010 but I don’t have a 2007 server to play with):

  • Make a backup/snapshot/system restore point before making any changes ('natch)
  • Open the Exchange Management Shell
  • Type cd 'C:\Program Files\Microsoft\Exchange Server\V14\Scripts' at the prompt, press Enter on the keyboard
  • Type .\install-AntispamAgents.ps1, press Enter on the keyboard

You’ll need to restart the Transport service to embed the changes, but the Transport service depends on the Active Directory Topology service, so close the Exchange Management Shell and open services.msc. Right-click on and restart the Active Directory Topology service (this will cause practically all the Exchange services to restart - ain’t Exchange fun).

Once the services have restarted you will have a new tab available within the Organization Configuration > Hub Transport console. Disable everything except Recipient Filtering (we won’t take responsibility for the consequences if you leave the other options enabled). Right-click the Recipient Filtering feature, click Properties and check that the option “Block messages sent to recipients that do not exist in the directory” is selected.

Job’s a good 'un, no more emails being accepted for phantom users.

Let me know if you need pictures :slight_smile:

Later,

M.
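
The console steps in the post above can also be applied and checked from the Exchange Management Shell. This is an added example, not part of the original post; it assumes Exchange 2010 with install-AntispamAgents.ps1 already run and the services already restarted.

```powershell
# Added example (not from the original post). Assumes Exchange 2010,
# anti-spam agents installed and Exchange services already restarted.

# 1. Confirm the Recipient Filter Agent is registered and enabled.
$agent = Get-TransportAgent -Identity 'Recipient Filter Agent' -ErrorAction SilentlyContinue
if (-not $agent) {
    throw 'Recipient Filter Agent not found: run install-AntispamAgents.ps1 first.'
}
if (-not $agent.Enabled) {
    Enable-TransportAgent -Identity 'Recipient Filter Agent'
}

# 2. Disable the other anti-spam features, as the post advises
#    (equivalent to disabling them on the Anti-spam tab).
Set-ContentFilterConfig        -Enabled $false
Set-SenderFilterConfig         -Enabled $false
Set-SenderIdConfig             -Enabled $false
Set-SenderReputationConfig     -Enabled $false
Set-IPAllowListConfig          -Enabled $false
Set-IPBlockListConfig          -Enabled $false
Set-IPAllowListProvidersConfig -Enabled $false
Set-IPBlockListProvidersConfig -Enabled $false

# 3. Enable Recipient Filtering with directory lookup. This is the
#    "Block messages sent to recipients that do not exist in the
#    directory" checkbox.
Set-RecipientFilterConfig -Enabled $true -RecipientValidationEnabled $true

# 4. Verify the resulting state and warn if anything is off.
$cfg = Get-RecipientFilterConfig
$cfg | Format-List Enabled, RecipientValidationEnabled, ExternalMailEnabled, InternalMailEnabled

if (-not ($cfg.Enabled -and $cfg.RecipientValidationEnabled)) {
    Write-Warning 'Recipient validation is not active; mail for unknown users will still be accepted.'
}
if (-not $cfg.ExternalMailEnabled) {
    Write-Warning 'Recipient filtering is not applied to external (anonymous) connections.'
}
```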

For Exchange 2013, I see this Note:

Although the Recipient Filter agent is available on Mailbox servers, you shouldn’t configure it. When recipient filtering on a Mailbox server detects one invalid or blocked recipient in a message that contains other valid recipients, the message is rejected. If you install the anti-spam agents on a Mailbox server, the Recipient Filter agent is enabled by default. However, it isn’t configured to block any recipients. For more information, see Enable anti-spam functionality on Mailbox servers.

Comment?
Lou