About the Recipient Validation

By default, Microsoft Exchange Servers do not perform a recipient validation within the SMTP connection of inbound email traffic.

Usually, the recipient validation should be performed after the RCPT TO command and result in a 5xx rejection SMTP response if the recipient is not valid or is unknown to the Microsoft Exchange Server. If no recipient validation is configured, the Microsoft Exchange Server accepts emails to unknown recipients and performs a latebounce afterwards. This causes issues with external spam filter solutions that perform a recipient validation, using the SMTP protocol.

In order to allow us to perform such a recipient validation (user check under Spam and Malware Protection) and use the automatic user creation via SMTP for our Control Panel, follow the steps in this how-to.