Mail appears in the quarantine destined for email accounts that do not even exist at your company

PROBLEM:

These emails are the result of what is coined as "Directory Harvesting". Spammers send email to addresses they "think" someone may have at your company to see if it actually goes through.  Typically they look for bounce backs. If it bounces back to them, they know they guessed incorrectly. If it does not bounce back, they believe they have a live email address.

SOLUTION:

By default, your domain(s) is configured as a "catch-all". This means that any email destined for your domain will be accepted, sent through our filters, and to your mail server.  We let your mail server decide whether or not the account really exists.  While this may be the easiest solution for you, it is not the best for two reasons.

[1] It increases your billable mail volume, and it increases traffic to your server.

[2] It may falsely give spammers the impression that they have scored a correct email address at your company. They may then add that address to a database and bombard it with spam in the future.

We recommend that all clients disable the "catch-all" feature on the DOMAIN tab in the Email Management System. You must then add each email address and alias into the system. This tells our system that thos accounts are approved and that they can receive email. Everything else will bounce back to the sender.

While this may seem like a monumental task, it does serve multiple purposes.  First, doing this enables personal quarantines for each user at your company.  Having a personal quarantine relieves the burden from the IT Administrator for having to check the quarantine periodically. Second, we've created a handy import feature that will take a tab delimited file for import. Many mail servers can export existing addresses into this format, making the job quite easy.