This article applies to:

• Trustwave MailMarshal (SEG) (6.1.8 and above) 

Question:

• Why does MailMarshal SMTP not remove recipients from the email when flagged by DHA?
• DHA response changed in MailMarshal SMTP 6.1.8

Information:

• In versions of MailMarshal SMTP prior to 6.1.8, each recipient found to be invalid by the anti-DHA facility is stripped and a SMTP response 555 invalid recipient is returned to the sending server. This behavior reduces the load on internal email servers and reduces NDR sending, but it does not accomplish the task of DHA protection.
• In version 6.1.8 and above, no response is sent until the configured limit is reached. When the limit is reached MailMarshal sends 556 Too many invalid recipient requests. Closing connection.
• In version 6.1.8 and above, by default anti-DHA does not strip recipients.

Version 6.2 through 8.2 provides a Registry setting to permit the invalid recipient information to be stripped

• The setting is not available in MailMarshal (SEG) 10.X.

To configure stripping of invalid recipients by anti-DHA:

Warning: Using the Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Trustwave cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Make sure that you backup your Registry prior to making any changes.

1. On the Array Manager, edit the Registry. Note that this setting is not available in MailMarshal (SEG) 10.X.
2. Navigate to the SEG Receiver DHA key:
   • In version 8.X: HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Default\Receiver\DHA
   • For full details of the location for each product version, see article Q10832.
3. Add a new DWORD value named StripInvalidRecipients 
4. Set the value to 1.  
5. Commit the configuration changes, ensure that configuration has been updated, and then restart the MailMarshal Receiver service on each node.