Can ORF swallow rejected mail?

I am using ORF in between a relay (internet-facing) smtp server and my exchange server, and it works great. However, when orf rejects a spam e-mail when the relay server tries to forward it to exchange, the relay server wants to send a delivery failure notice to the originator of the e-mail, which is often non-existent. What I'd like to have is a way of getting orf to just swallow a message that would otherwise be rejected and returned, if it fails orf's tests.

I realize this has the potential for causing false positives to be lost completely, but I have orf's settings configured such that I have not yet seen a false positive detection. I have decided that I'm willing to take that small risk in return for unloading my relay server from the bounces.

David Kerber (December 28, 2010)

@David Kerber: Indeed, this is a side-effect of running ORF behind a front-end. We have blogged about this issue at http://blog.vamsoft.com/?p=89.

The direct approach to stop this from happening is changing the On Arrival action of ORF to e.g. tagging or redirecting the email, then configuring Exchange to drop these emails (there no silent drop in ORF - can be voted at http://www.vamsoft.com/features/features_more.asp?fi=41). Exchange 2007+ has Transport Rules that help accomplishing this. The rule from the article at http://blog.vamsoft.com/2009/09/30/tales-from-tech-support-part-7-orf-and-scl-scoring/ can be modified for this, using the DeleteMessage action (http://technet.microsoft.com/en-us/library/aa998315.aspx).

Another approach would be to move ORF to the network perimeter, where it is ideally deployed. This has numerous benefits, from Before Arrival filtering becoming available to preventing the above issue from happening.

Please let me know if this has helped.

Peter Karsai (ORF Team) (December 29, 2010)
in response to this post

Using your Exchange 2007 article, having ORF tag and having Exchange silently drop the messages works fine; thanks!

David Kerber (December 29, 2010)