ArticlesArticles Most Popular ArticlesMost Popular Articles
RSS Feeds
DrillDown Icon Table of Contents
DrillDown Icon 2020 Official Holidays & Support Schedule
DrillDown Icon IMPORTANT: End of Life of SHA1 on Windows Server 2003
DrillDown Icon IMPORTANT: Supported Operating Systems
DrillDown Icon PLEASE READ: Our Update Server IPs Have Changed
DrillDown Icon Support
DrillDown Icon modusGate for Microsoft Azure
DrillDown Icon modusCloud
DrillDown Icon Alleviating Spam – Best Practices
DrillDown Icon directQuarantine Technical Information
DrillDown Icon modusMail & modusGate Technical Information
DrillDown Icon Documentation & Release Information
DrillDown Icon Known Issues (non-release related)
DrillDown Icon Configuration Information
DrillDown Icon modusGate & modusMail
DrillDown Icon modusGate Only
DrillDown Icon How-to: Perform a Backup/Restore on a modusGate Appliance
DrillDown Icon How-to: Integrate modusGate with a PGP Gateway
DrillDown Icon How-to: Reset a ModusGate Appliance to its Original State
DrillDown Icon How-to: Encrypt ModusGate User List Population and Authentication Requests
DrillDown Icon How-to: Install ModusGate v4.4 on Small Business Server 2003
DrillDown Icon Info: Appliance Cannot Access the ModusGate Console or System Health Panel
DrillDown Icon Info: ModusGate Appliance Cannot be Reached after Hooking up to the Network
DrillDown Icon How-To: Configure ModusGate with Specific OpenLDAP Server Attributes
DrillDown Icon How-To: Configure ModusGate with Sun One Open Directory for Sun Email Servers
DrillDown Icon Info: Mailbox Verification vs. Mailbox Authentication
DrillDown Icon How-To: Deactivate the Mimicking of Active Directory’s "Disabled Accounts" in ModusGate
DrillDown Icon Info: Forward Lookup / Pre-auth Options in ModusGate
DrillDown Icon How-To: Change the IIS Port on the ModusGate Appliance
DrillDown Icon How-To: Configure ModusGate with an Exchange/Outlook Junk Email Folder
DrillDown Icon How-To: Deploy ModusGate with Exchange/LDAP Servers
DrillDown Icon How-To: Deploy ModusGate with Groupwise
DrillDown Icon How-To: Deploy ModusGate with Lotus Domino 5 & 6
DrillDown Icon How-To: Deploy ModusGate with Postfix
DrillDown Icon How-To: Deploy ModusGate with Qmail
DrillDown Icon How-To: Deploy ModusGate with Sendmail
DrillDown Icon How-To: Prevent the Accumulation of Invalid User Names with Remote Exchange Server
DrillDown Icon How-To: Test POP3 Authentication with ModusGate
DrillDown Icon Info: Modusadm will not start while installed on Exchange 2013.
DrillDown Icon How-To: Upgrade NEP to modusGate \ modusCloud
DrillDown Icon How-To: Deploy ModusGate with Azure
DrillDown Icon modusMail Only
DrillDown Icon SQL Server Information
DrillDown Icon MySQL Information
DrillDown Icon Security
DrillDown Icon Sieve
DrillDown Icon Spam and False-Positives
DrillDown Icon Statistics and Monitoring Section
DrillDown Icon Web Components
DrillDown Icon Troubleshooting
DrillDown Icon Hardware & OS System Requirements
DrillDown Icon Tools
DrillDown Icon Other Product Technical Information
DrillDown Icon Professional Services
DrillDown Icon Newsletters
  Email This ArticlePrint PreviewPrint Current Article/Category and All Sub-Articles/Categories
 
Info: Forward Lookup / Pre-auth Options in ModusGate

 

Product: ModusGate

Version & Build: All

 

ModusGate can be configured to work with most Unix-based and Windows MTA servers.  This is achieved by using the forward lookup option (Automatically populate user list)  found in the Console, under Connection - Properties - General.  This setting establishes the type of communication that will be used between ModusGate and the mail and/or authentication server to determine ifthe recipient address exists on the local system or not:

  • If the response from the mail/authentication server is an invalid mailbox type error, Modus rejects the message and bounces it back to the sending server with a delivery failure report, thus providing security for your mail server and reducing its load at the same time.
  • If the address does exist, Modus accepts the message for processing and sends it to the mail server for local delivery (assuming it's not quarantined or deleted because of content, based on ModusGate's settings)
  • If there is no specific invalid mailbox response from the mail server, the address is assumed to be good and is accepted and processed by Modus

This latter behavior often occurs when using a simple SMTP connection for the forward lookup and it depends entirely on how the mail server itself handles invalid addresses.  The downside to this behavior is that mailboxes for invalid names automatically created on the ModusGate server and counted towards your licensed user limit.

To prevent this from happening, it is recommended that you use one of the other selections such as SMTP_VRFY or OpenLDAP, if your server and/or network configuration supports the use of these options.  For example, most mail servers do not natively support SMTP_VRFY but some can be tweaked to accept it (e.g. by making a change in the Registry).  To find out of your mail server can use this option, please consult your product manual and/or website for configuration details.  NOTE: For information about Exim server configuration, go to http://www.exim.org/

The following is a list of available forward lookup or authentication options.  The one you should use depends on what your mail server is able to support:

SMTP:  This provides no authentication (see above).  It simply allows a straight SMTP connection between ModusGate and the mail server and relies on the mail server itself to reject messages sent to invalid addresses.  Use this setting only if the mail server does not support one of the other authentication options.  Otherwise, consider using Disabled (see below).

SMTP_VRFY:  Use this setting only if the mail server supports it (possibly by making a change in the Registry - consult your mail server documentation for configuration details)

Exchange 2000+:  Can only be used with Exchange 2000, 2003 servers

Exchange 5.5:  Can only be used with Exchange 5.5 servers

Lotus Domino:  Can only be used with Lotus servers

Open LDAP:  This is the recommended method for most mail servers that support LDAP (excluding Exchange and Lotus)

Disabled:  This can be used if one of the above settings is not a viable option and if the SMTP connection does not provide enough security for your system.  This setting turns off the automatic mailbox creation and requires that you manually enter the valid user names in the Users panel of the ModusGate Console.  While it requires more work to set up, it offers protection from abuse for both the ModusGate and the mail server by limiting the permitted mail to only the addresses specified.

 

Modified 12/20/2006
Keywords: forward lookup, SMTP_VRFY, OpenLDAP, exim
Article ID: 1256