Upgrading to a gateway product that does recipient validation a couple of years ago was a huge benefit - and I'm ever so happy that it also detects and auto-blocks DHA's and a number of other mis-behaviors.
-----Original Message----- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2008 11:45 AM To: MS-Exchange Admin Issues Subject: Re: Hundreds of NDRs Oh, yeah, the last two that Don mentions are indeed legitimate sources of NDRs that won't happen during the initial SMTP conversation from the sender to the recipient. However, the first one (where an NDR is generated after receipt for a non-valid recipient) is only legitimate when sending to a DL on a gateway that isn't kept up to date. Kurt On Tue, Oct 7, 2008 at 11:18 AM, Don Andrews <[EMAIL PROTECTED]> wrote: > I can think of a couple of NDR causes that may not be handled during the > initial SMTP conversation - in gateway environments; > > 1. invalid recipient (if recipient validation is not handled by the gateway) > > 2. over quota (in gateway environment again) > > 3. delivery delay or failure notifications - if gateway can't connect to > backend mail server for some period. > > > > In each of these cases, the gateway at the receiving end will accept the > message, then it or the backend mail server will generate and send the NDR > at a later time. > > ________________________________ > > From: wjh [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 07, 2008 11:04 AM > To: MS-Exchange Admin Issues > Subject: Re: Hundreds of NDRs > > > > It shouldn't. a legitimate NDR should happen while the sending and > receiving SMTP servers talk to each other. legitimate sending server > connects to the receiving server and the receiving server accepts the > message or does not. Either way, it is communicating with the sending > server directly...just like if you telnet to your smtp server port 25 and it > gives you feedback. Backscatter email goes through spam server because it > isn't originating from your smtp server. The only legit bounces may come > for users who might have pop or imap accounts setup not to send through your > smtp server. > > There are probably others on the list that understand the protocols better > than me, so feel free to chime in. > > Bill > > > [EMAIL PROTECTED] wrote: > > If this could be done, wouldn't it also block legitimate NDRs? > > > > -------------- Original message -------------- > From: wjh <[EMAIL PROTECTED]> > >> These types of NDRs drive me crazy. Here is one option if you have a >> pretty typical setup. Typical setup: incoming mail comes in through a >> spam gateway device/server, but outgoing mail leaves through your >> exchange server. All legit NDRs should be communicating directly with >> the sending smtp server. If an NDR hits your spam server, then it would >> be backscatter from spam. You could set your spam gateway to block or >> quarantine these false NDRs. They do the user no good anyway. >> >> Bill >> >> [EMAIL PROTECTED] wrote: >> > Exchange 2003 SP2. We occaisionaly have users who get a few NDRs over >> > a couple of days from reipients they did not send to because of >> > spammers spoofing t heir e mail address. At 12:15 I have a user who >> > began getting hundreds of NDRs obviously as a result of a spammer >> > sedning out a bulk email package. These are coming in so fast the user >> > is having a hard time keeping up with the deleting. Anyway to prevent >> > this crap? >> > Thanks. >> > >> >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ > > > > > > > > > > ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
