MSMVPS.COM
The Ultimate Destination for Blogs by Current and Former Microsoft Most Valuable Professionals.

Stop Spam... but not NDRs

Javier's SBS Wonderland

Syndication

News

  • Search

    <input class="BlogSearch" type="text" name="searchBox" id="blogSearchText" value="" onkeypress="return blogSearch(event, this);"> <input type="button" value="Search" onclick="return blogSearch2('blogSearchText');" class="BlogSearchButton"> <script type="text/javascript"> function blogSearch(event, oInput) { var keyCode = (event) ? event.keyCode : keyStroke.which; if (keyCode == 13) { top.location = 'http://www.google.com/search?q=' + escape(oInput.value) + '+inurl%3Ajavier+site%3Amsmvps.com'; return false; } return true; } function blogSearch2(oInputId) { var oInput = document.getElementById(oInputId); top.location = 'http://www.google.com/search?q=' + escape(oInput.value) + '+inurl%3Ajavier+site%3Amsmvps.com'; return false; } </script>

I realize that any mail server these days receives tons of spam and that SBSers use employ several methods to cope up with that, but I think that disabling NDRs is not a wise choice. For those who don't know: NDR stands for Non Delivery Report and its simply that email that you get when the mail cannot reach its destination (or when it is delayed). Some people disable them because sometimes an SBS box can be sending 100's of spam-related NDRs which takes server resources and bandwidth. Why not disable NDRs then? Let me explain...

There are 2 types of NDRs that concerns us:

  1. An external entity sends an email (either accidentally or on purpose) to a non-existent address in your email domain.
  2. Someone inside your LAN sends an email and Exchange cannot deliver it for some reason.

Evidently, one would like only to disable “type-1” NDRs (more specifically only for those who do it on purpose, i.e. spammers). However, if you disable NDRs in Exchange this will affect
all of them. This means that if you your boss or an external client sends an important email and mistypes the recipient's address they will never get any notification for that. That's not good (at least in my book).

So, what can you do? Use the Recipient Filtering instead (go to Exchange System Manager -> Global Settings -> Message Delivery-> Properties-> Recipient Filtering tab-> Enable "Filter recipients who are not in the Directory"). This way you server will only accept mail destined to valid addresses on your domain, you keep NDRs working and the boss is happy. Also, now it is the responsibility of the sender's mail server to issue NDRs (so people outside your organization will know when they made a mistake).

The disadvantage of doing this is that someone could probe Exchange (some kind of dictionary attack) and get a list of valid email addresses. However, you can minimize this risk thanks to a recent software update for Exchange which adds a delay to anonymous connections. Check out Sean Daniel's blog for the complete info.

Keep tuned! Since SPAM is such a hot topic... I'm planning to blog soon about other things you can do to help reduce it (and a new way to prevent people from forging your domain name to send spam). If you have a suggestion or want me to cover something in particular let me know.


Posted Oct 27 2004, 05:14 PM by Javier
Filed under:

Comments

Javier wrote re: Stop Spam... but not NDRs
on 11-11-2004 22:07
hi !
I am using sbs 2000 and when I go to Exchange System Manager -> Global Settings -> Message Delivery-> Properties-> I dont have Recipient Filtering tab only filtering tab and in there I don't have -> Enable "Filter recipients who are not in the Directory.

I have filter messages that claim to be from the following senders


ADD



And I have 3 boxes I can tick

Archive filtered messages
Filter messages with blank sender
Accept messages without notifying of filtering


Thanks

John
Javier wrote re: Stop Spam... but not NDRs
on 11-11-2004 22:22
I was asked in the 2k newsgroup how to enable this on SBS2k. However, as far as I know Exchange 2000 does not have this capability per se. The only way I think you could do it is to enable recipient filtering and adding each user manually to the list. Alternatively, you could use GFI Mail Essentials (or other similar package) to do this.

I will try to see if I can get a procedure for SBS2000, but it might take me a while since I don't have anymore a SBS2k to play with at home.
Javier wrote re: Stop Spam... but not NDRs
on 02-16-2005 18:25
For exchange 2000

check out

www.vamsoft.com
www.mapilab.com

They both have products which provide recipient filtering for Exchange 2000

TrackBack wrote re:Stop Spam... but not NDRs
on 04-15-2005 17:17
^_^,Pretty Good!
TrackBack wrote re:Stop Spam... but not NDRs
on 05-18-2005 21:55
^_~,pretty good!csharpsseeoo
Javier wrote re: Stop Spam... but not NDRs
on 06-15-2005 20:00
UPDATE-> SBS2003 SP1 has the update to prevent enumeration of your Email accounts if you enable this feature. Another reason to install SP1 :-)
TrackBack wrote re:Stop Spam... but not NDRs
on 07-22-2005 0:37
Stop Spam... but not NDRsooeess
TrackBack wrote re:Stop Spam... but not NDRs
on 08-02-2005 19:58
Stop Spam... but not NDRsooeess

Add a Comment

(required)  
(optional)
(required)  
Remember Me?


Copyright © is the original authors. Blog site is an independent site not sponsored by Microsoft. The Yoda blog server and the Brianna SQL server would like to thank www.ownwebnow.com and www.exchangedefender.com. They wouldn't be here and broadcasting without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems