This document describes how to test Bounce Verification (BV) on the Email Security Appliance (ESA).
How do I test Bounce Verification on the ESA?
AsyncOS defines bounces as mail with a null Mail From address (< >) or messages sent by <MAILER-DAEMON@domain.com>. To determine if BV is configured, you can send test messages with null Mail From or MAILER-DAEMON@<domain.com> addresses through the ESA. Bounce Verification sees the messages as 'untagged' bounces and processes them according to your configuration.
You can view test messages within the ESA mail logs or during a manual SMTP conversation:
Connecting to ESA using telnet
telnet esa.example.com 25 Trying 192.168.1.254... Connected to esa.example.com. Escape character is '^]'. 220 esa.example.com ESMTP helo 250 esa.example.com
MAIL FROM command with null sender address
mail from: 250 sender <> ok rcpt to: email@example.com 550 #5.1.0 Rejected by bounce verification.
MAIL FROM command with MAILER-DEAMON@test.com
mail from: MAILER-DAEMON@test.com 250 sender <MAILER-DAEMON@test.com> ok rcpt to: firstname.lastname@example.org 550 #5.1.0 Rejected by bounce verification.
A remote source could spoof any MAILER-DAEMON@ address, but this message is viewed as an untagged bounce by Bounce Verification, if the RCPT-TO address is not tagged with the Bounce Verification key configured on the ESA.