IBM AH0QXML User Guide - Page 75

spammer marks the e-mail address as a valid target for spam. This type of attack simulates the transmission of an e-mail with a large list of recipients. This harvesting technique is especially effective for spammers when you configure Domino 6 to validate recipient addresses during transport by enabling the "Verify that Local Domain Recipients exist in the Domino Directory" setting in Inbound Intended Recipient Controls. For this reason, we do not recommend enabling this setting since it can assist spammers in targeting your domain for spam. However, if you must use the setting, you can reduce the effectiveness of this type of address harvesting by using the Domino 6 ini setting SMTPMaxForRecipients. The SMTPMaxForRecipients setting will not stop harvesting, but may slow it down or reduce it. The intention of the SMTPMaxForRecipients ini setting is to prevent messages with large lists of recipients, but it has the useful side effect of making it a little more difficult for spammers to harvest addresses. 4.5.4 Defending against active attacks We recommend that you configure Domino to hold undeliverable mail. This can be done from the Configuration Settings document, under Router/SMTP → Advanced → Controls. Change the value of the field "Hold undeliverable mail" to Enabled. The field is located in the Additional Controls (Delivery and Transfer) section shown in Figure 4-23. Figure 4-23 Undeliverable mail setting Chapter 4. Domino 6 Server anti-spam features 63