e-mail spoofing protection
This product already has integration with domain environments and it will be really great to have functionality to check for existing mailboxes. In case appliance receive an e-mail with randomly generated recipient (real domain with fake user part) it will discard it asap.
I'm not familiar with how it should be properly implemented (may be exchange integration needed), but it will be really awesome functionality!
Enable “Reject unveriﬁed recipient” .A mail server should know which recipients are valid recipients for a relay do-main before accepting the message (i.e., the mail server should know whether there is a valid inbox for the recipient). If an email is accepted for relay but the next server (i.e., the internal mail server) does not accept the message be-cause the recipient is not valid, the email should be bounced by the receivingserver. Bouncing an email after accepting the message is called “backscatter”.Systems that generate email backscatter can end up being listed on a mailblacklist (RBL).By enabling “Reject unveriﬁed recipient” the gateway ‘learns” which recipient addresses are valid or not by querying the server it relays to. When an email is received for an unknown recipient, the server “asks” the server it relays to whether the recipient is a valid recipient or not. The message is onlyaccepted when the next email server reports that the recipient is a valid. Theresult of this veriﬁcation process is cached.The “reject code” is the SMTP result code used when the email is not ac-cepted. This should initially be set to “450” (which tells the connecting SMTPserver that the message is not accepted because of a temporary error). Itshould be changed to “550” (permanent error) when the veriﬁcation procedureworks correctly.