Thanks Chris. Knowing that the alias would be used solely for internal, is there a way to filter out these internal aliases from receiving external emails?
What I have done so far is stamping those email with [EMAIL PROTECTED] and hopefully it works well. On 3/28/07, Chris Scharff <[EMAIL PROTECTED]> wrote:
There's not a lot one can do other than filter NDRs just like you would any other content. Having internal DL MTP addresses with non-dictionary word local-parts also helps somewhat (e.g. [EMAIL PROTECTED]) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wallace Lam Posted At: Wednesday, March 28, 2007 7:01 AM Posted To: swynk Conversation: reverse NDR SPAM Subject: reverse NDR SPAM Recently our company has been received a lot of SPAM in the form of NDR. It looks something like this: === === === === === === === === === === === === === === Your message did not reach some or all of the intended recipients. Subject: Browse list of bots Sent: 3/27/2007 9:49 PM The following recipient(s) could not be reached: [EMAIL PROTECTED] on 3/27/2007 9:56 PM The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address. < card.komifree.ru #5.1.1 X-Unix; 67> === === === === === === === === === === === === === === We receive about 70 - 80 of those every single day and none of the NDR recipients we know of. The bounced email was addressed back to [EMAIL PROTECTED] (replace company with my company name) and this mailbox is generally not used for sending email. So far 5 of our internal aliases have been hit by these NDR SPAM and the worst thing is that those aliases are DLs. So you can imagine the propagations effect. Some of those NDRs came with attachment, which, is obviously a SPAM content. I wonder how I can block or prevent this while allowing the legitimate NDR pass through our SPAM filter as these system generated NDRs ususally have empty sender <> and did not get filtered. Tentatively I have enabled content filtering using keywords and that largely cut these NDR SPAM down by 90% but that also filter out legitimate NDR. Any ideas will be great. Thanks. Wallace _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
_________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
