Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NDRs are audited as SPAM 2

Status
Not open for further replies.

irvmoy

IS-IT--Management
May 22, 2002
8
US
Two spams for the price of one!

I'm running an Exch5.5 server that is being bombarded with SPAM(1). The spammers are sending to anyone@mydomain.com and they are using fictitous sender email addresses. I don't have many mailboxes, so most of the mail results in invalid delivery addresses.

As a result, my server is sending out NDRs by the hundreds. Some of the fictitious sender addresses contain valid domains so it appears my server is sending out SPAM(2). The ISPs are also constantly checking my server for an open relay - but I have relaying blocked.

How to I stop reverse UCE? How can I disable the NDRs to prevent outbound emails to the fictitious addresses?
 
Never ever allow the server to send out NDR's !
That is the way they bombard you, until the find an account that does not give an NDR, then they know it's real.
This spammer has got you now, so try to track him, but if you disable all NDR to the internet now, others will give up.
Same goes for Out Of Office Notifications BTW.

Marc
[sub]If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all. Please specify details.
Free Tip: The F1 Key does NOT destroy your PC!
[/sub]
 
I have rerouting enabled and I am not an open relay. The reverse UCE described in the above article is not happening to me since I am rerouting.

I did notice Out of Office Notification to Internet is enabled. I will disable and see if things improve.

Is there any way to disable all NDRs to the internet? I still want to get the admin notifications, I just don't want NDRs sent outside.
 
It does not matter that you are not relaying or rerouting, if your server sends an NDR, you are confirming your domain existense, that is what I try to say, you only damage yourself.
The NDR to internet can be disallowed in the Internet MAil Connector, just like the OoO.
Internally, you will receive NDR's, they just won't go out anymore.

Marc
[sub]If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all. Please specify details.
Free Tip: The F1 Key does NOT destroy your PC!
[/sub]
 
I got this fix from another post and It's working so far!

I had the same problem and made these changes. Under the routing tab in internet mail service properties check reroute incoming smtp mail, in that box type in your email address(yahoo.com) what ever domain you relay for. Make sure that they are route to inbound. Then click on the routing restrictions button and check host and clients with these ip addresses and leave that box blank but checked. this fools the email to foward to nowhere. After making these changes you have to restart the Internet Mail Service.
 
And here's how to get rid of the <> messages for good -
See my FAQ entiteled Non-Delivery Reports.
Hope this helps you all :)
 
So everybody says to disable NDR's, but can anybody tell me how to do it in Exchange Server 5.5?
 
Do you have any better details than that? I have been in there all day and I can't find it.
 
I don't have a 5.5 in front of me, but it is in there. There is also an F1 key ;-)

Marc
[sub]If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all. Please specify details.
Free Tip: The F1 Key does NOT destroy your PC!
[/sub]
 
I started this thread over a month ago. Everyone contributing to this thread claims there is a setting to disable NDRs in Exchange 5.5. I've searched all the options in the Internet Mail Connector. I can't find it.
I feel as if I am searching for a UFO. Everyone claims they are out there. However, no one can provide any solid evidence that it exists.
If anyone who claims to have seen the setting could actually provide some solid evidence, we would all become believers. Could anyone prove there is a setting to disable the NDRs? Just tell us what folder tab or buttons to click. We still don't believe it exists!
 
Okay here:

1) Open Exchange Administrator
2) Select your Site from the left
3) Select Configuration
4) Select Connections
5) Select Internet Mail Service

Now on the Tab labelled &quot;Internet Mail&quot; (which should be the first tab you see).

Top right of screen select the Button labelled &quot;Notifications&quot;.

Your in the NDR section, select &quot;Send notifications for these non-delivery reports&quot; and then un-check every box below it.

This should do it. You will need to restart the IMS service on the exchange server for the changes to take effect.
 
guys,

i am also encountering this scenarios/situations.
could somebody please post a better/simpler or what someone would call &quot;Configuring Exchange Anti-Spam for Dummies&quot; help.

gracias...

igor
 
i tried the settings mentioned above.. and i'll wait/see if it shall work as stated, but will i still receive ndr's internally so that i can also monitor what is happening to my system?

gracias senor grenage!

igor
 
hey marcs41,
i'm just confirming this...
1. so the solution is enabling/selecting both the
(1) disable OoOffice responses
(2) disable Auto Replies

2. what about grenage's suggestion? will i also need to do this?

gracias,
igor
 
Yes, disable it all.
These 2 but also all other like Grenage posted.

All this was already posted from the beginnig of this thread anyway.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top