Description

MPmail has methods of blocking emails at the perimeter based on mailboxes and settings. This article describes those methods and how to configure MPmail to suit the customer requirements.


Requirements

  • MPmail admin account


The Process

MPmail keeps its own list of mailboxes. These can be synced with LDAP, but note that Azure AD (and thus Office 365) does not support LDAP. They can also be added manually, although if LDAP is enabled then the add mailbox button is disabled. The workaround is to disable the LDAP sync in the customer service dashboard, manually add the mailbox in the control panel, then re-enable LDAP. The mailbox will not be removed.


MPmail allows three address checking systems at the perimeter to reject invalid addresses.

  1. Control Panel - the email address must exist in the mailbox list in the control panel or the email will be rejected.
  2. LDAP - the email address must exist in the mailbox list in the control panel or the email will be rejected. The mailbox list in this case is synced with LDAP.
  3. SMTP - the control panel will do an SMTP call-ahead to the mail server. If the server reports that the email address does not exist, the email will be rejected.


Out of the box, SMTP call-ahead does not work with Office 365, because Office 365 does not respond to the request. As a result, MPmail will not reject the email.


MPmail will automatically create a mailbox if it gets 2 successful deliveries to the mail server in a 24 hour period. A successful delivery is one in which it does not get an NDR from the mail server.


Office 365 in some instances will accept an email even though the SMTP address is not valid. It then sends an email back to the sender from a second layer, but as the email is initially accepted, MPmail sees this as a successful delivery, and so will automatically create a mailbox even though the email address does not exist on the mail server. This behaviour can be changed; please refer to https://support.manageprotect.com/a/solutions/articles/44002137238
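
The auto-create rule and the accept-then-bounce case described above can be audited from a delivery log to find mailboxes that would be created without existing on the mail server. The Python below is an added example, not MPmail code: the log format, sample data and function names are constructed, and it assumes a delivery counts as successful when the mail server returned a 2xx reply in the SMTP session.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=24)  # "in a 24 hour period" (from the article)
THRESHOLD = 2                 # "2 successful deliveries" (from the article)

# Constructed sample log: (timestamp, recipient, SMTP reply code from the mail server)
DELIVERIES = [
    ("2024-05-01T09:00", "alice@example.com", 250),
    ("2024-05-01T15:30", "alice@example.com", 250),
    ("2024-05-01T10:00", "typo@example.com", 250),   # accepted, bounced later by a second layer
    ("2024-05-01T20:00", "typo@example.com", 250),
    ("2024-05-01T11:00", "ghost@example.com", 550),  # rejected in-session, not a success
    ("2024-05-01T12:00", "ghost@example.com", 250),
    ("2024-05-01T08:00", "old@example.com", 250),
    ("2024-05-03T08:00", "old@example.com", 250),    # more than 24 hours apart
]
# Constructed: addresses that really exist on the mail server
DIRECTORY = {"alice@example.com", "old@example.com"}


def auto_created(deliveries, window=WINDOW, threshold=THRESHOLD):
    """Return addresses reaching `threshold` accepted deliveries within `window`."""
    accepted = defaultdict(list)
    for ts, rcpt, code in deliveries:
        if 200 <= code < 300:  # assumption: a 2xx reply means no NDR was seen
            accepted[rcpt.lower()].append(datetime.fromisoformat(ts))
    created = set()
    for rcpt, times in accepted.items():
        times.sort()
        # Sliding window: compare each delivery with the one threshold-1 places earlier
        for i in range(threshold - 1, len(times)):
            if times[i] - times[i - threshold + 1] <= window:
                created.add(rcpt)
                break
    return created


def phantom_mailboxes(deliveries, directory):
    """Auto-created addresses that do not exist on the mail server."""
    return auto_created(deliveries) - {a.lower() for a in directory}


if __name__ == "__main__":
    print(sorted(phantom_mailboxes(DELIVERIES, DIRECTORY)))
```

Any address this reports is a candidate for removal from the control panel mailbox list, since perimeter rejection only works while that list matches the mail server.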