Document information

Document ID: 4679
Subject: Active Directory/LDAP lookup when using SMTP Proxy Server
Creation date: 12/14/15 4:35 PM
Last modified on: 10/21/20 11:45 AM

Active Directory Lookup in SMTP Proxy

Xeams does not query an Active Directory (by default - see exception below) when you use the SMTP Proxy Server to receive inbound emails. This is because there is no need for it.

In Proxy mode, the actual SMTP server is the one that can accept or reject an email. Therefore, as long as your actual email server rejects incoming emails for invalid users, Xeams will also do the same. Therefore, in order to reject emails for invalid users, you need to configure the actual email server, not Xeams, to reject incoming emails for invalid users.

Further explanation

The term "Proxy" means Xeams sits in between the sender and your actual server, which could be MS Exchange, SendMail, Lotus Dominos or any other SMTP Server. Following example assumes you are using MS Exchange as your actual server. The table below shows the actual communication between three machines: Sender's SMTP, Xeams and Exchange.

StepSender's SMTPXeamsExchange
1 Sender establishes a new connection
2 Xeams creates a new connection to your Exchange
3 Sender sends HELO/EHLO
4 Xeams sends HELO/EHLO to Exchange
5 Exchange sends a response for the HELO/EHLO greeting back to Xeams
6 Xeams sends the response to HELO/EHLO command back to sender
7 Sender sends the MAIL FROM address
8 Xeams passes this MAIL FROM to Exchange
9 Exchange can either accept or reject this value and sends a reply back
10 Xeams sends the exact code back to the sender. Therefore, if Exchange rejects the MAIL FROM, Xeams will send that message back to the sender and email will not be sent.
11 Assuming Exchange accepted the MAIL FROM, Sender now sends RCPT TO email
12 Xeams passes this exact value to Exchange
13 Again, Exchange has the ability to either accept or reject this recipient. This is the reason why you MUST configure your Exchange to reject invalid users as well as the domains it will accept.
14 Xeams sends the SMTP code sent by Exchange to Sender
15 Further communication from sender depends upon the acceptance or rejection of the RCPT TO command from Exchange

An Exception to Rule

If you're using MS Exchange 2013 or 2016, this rule does not apply. That's because these servers DO NOT reject invalid users at the RCPT TO command. Instead, they do it AFTER DATA, which makes Xeams accept emails even if a user is invalid. If this is the case, you will have to:

  • Configure AD
  • Check Use Active Directory under SMTP Proxy Configuration
For every other server, including older versions of MS Exchange, there is no need for AD when receiving inbound emails through the SMTP proxy server.

Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users?

Important: This area is reserved for useful tips. Therefore, do not post questions here. Instead, use our public forums to post questions.