Re: NDR's generated via spoofed from addressAll of my users are behind a firewall and all smtp/pop traffic is forwarded to one IP on the firewall. If I SPFed my ip from the Firewall would that kill me NDR's?
Or maybe I should just sit back down in the corner with my propeller hat on and lick my oversized lollipop..... ----- Original Message ----- From: Kennedy, Jim To: MS-Exchange Admin Issues Sent: Wednesday, April 23, 2008 2:05 PM Subject: RE: NDR's generated via spoofed from address I hear ya, ours is probably similar. edu networks can be exciting. But even if you can narrow it down to a class B that is an improvement..casting a wide address space in your SPF would at least eliminate a great part of the rest of the internet.. From: Salvador Manzo [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 23, 2008 1:57 PM To: MS-Exchange Admin Issues Subject: Re: NDR's generated via spoofed from address Some of us have very weird network setups that make SPF records non-starters... (sigh) On 4/23/08 10:27 AM, "Kennedy, Jim" <[EMAIL PROTECTED]> wrote: You certainly should publish an SPF, it can help and causes no harm as you point out. But I would respectfully suggest that someone sending that much backscatter is already so clueless that they probably don't check SPF either. Firewall them. From: Don Andrews [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 23, 2008 1:23 PM To: MS-Exchange Admin Issues Subject: RE: NDR's generated via spoofed from address Publishing an SPF record may help some depending on the domain(s) the NDR's are coming from. ------------------------------------------------------------------------------ From: Clayton Doige [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 23, 2008 5:38 AM To: MS-Exchange Admin Issues Subject: NDR's generated via spoofed from address Hi all, have a user who is getting nailed with NDR's for email she is not sending. We have verified that there are no matching emails coming out of the E2k3 SP2 server which means that someone 'out there' is spoofing the from address and NDR's are going to that address. What's the best bet to combat this? Said user is getting bored of deleting the NDR's Thanks in advance for any advice J Clayton Doige Project Management Consultant Green IT Solutions Ltd [EMAIL PROTECTED] 01277844943 07949255062 www.greenit.co.uk <http://www.greenit.co.uk> --- Salvador Manzo ______________________________________________________ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
