Automated reports are suppressed to recipient addresses that cannot be validated. Spammers often buy lists of email addresses and use these to send spam emails to servers with catch-all set up, as such, it leaves you more susceptible to spam mail.
By default, Mail Assure accepts all mail to valid recipients, based on the destination mail server response to a "recipient callout" query.
If catch-all is enabled on the mail server, Mail Assure will quarantine and send quarantine reports to all the mailboxes addresses regardless of whether the mailbox exists in Mail Assure (as confirmed valid by the receiving server, to the callout) and the customer will be billed for it. To prevent this from happening, and risk being billed for more mailboxes than expected, when the domain is added to Mail Assure, we will test if it has catch-all set up and if is detected, Mail Assure automatically logs that the destination mail server has a catch-all mailbox. Mail Assure now knows not to trust the mail server's response and will automatically switch off the sending of automated reports:
- Auto ESRs (Automatic Email Scout Reports), see Configure Domain Settings
- Protection Reports
We strongly advise that you disable all catch-all behavior from all receiving servers. If this behavior is present, the following settings should be used:
- In Mailboxes Configuration > Configuration Tab when logged in to the Domain Level Control Panel, ensure Only accept email to your defined mailboxes is ticked
- Ensure Mailbox Protection And Processing Mode is set to Protect specific mailboxes only
- Ensure the mailboxes and mailbox aliases lists are complete
To assist with filling the mailboxes and mailbox aliases lists, consider LDAP Mailbox Sync to populate the lists from your Active Directory
- Ensure each valid mailbox has filtering enabled by editing the mailbox settings