pdxsrw
asked on
Exchange 2003 Should I Allow Delivery Reports? Allow Non Delivery Reports?
On Exchange 2003 sp2
ESM - Global Settings - Internet Message Format - Default (properties) Advanced Tab
Is it Best Practice/Advisable to have "Allow Delivery Reports" checked? Can you explain the purpose of that feature? (whenever I click on Help to read up on it it crashes ESM...so I would RTFM if I could..but I cant..sooo....)
I understand that having "Allow Non-Delivery Reports" enabled is not a good thing as it is just helping the cause of the spammers... yes?
Thanks!
pdxsrw
ESM - Global Settings - Internet Message Format - Default (properties) Advanced Tab
Is it Best Practice/Advisable to have "Allow Delivery Reports" checked? Can you explain the purpose of that feature? (whenever I click on Help to read up on it it crashes ESM...so I would RTFM if I could..but I cant..sooo....)
I understand that having "Allow Non-Delivery Reports" enabled is not a good thing as it is just helping the cause of the spammers... yes?
Thanks!
pdxsrw
ajarvey
Yes, enabling delivery reports to go out to teh internet will leave you open to directory harvest attacks, and a flood of spammers knocking at your door. I don't reccomend that anyone in a corporate environment enable this functionality on the internet side of things.
Actually, disabling delivery reports can get you blacklisted, and it is recommended that you leave them enabled.
I accept that enabling them will help out spammers, but it's either that or get blacklisted, and cannot send mail to anyone. If you have a good spam filter (IMF with Exchange SP2 is good) and I recommend using an RBL, then you shouldn't see much spam anyway.
-tigermatt
I accept that enabling them will help out spammers, but it's either that or get blacklisted, and cannot send mail to anyone. If you have a good spam filter (IMF with Exchange SP2 is good) and I recommend using an RBL, then you shouldn't see much spam anyway.
-tigermatt
Sorry, that should be "Disabling non-delivery reports can get you blacklisted"
Delivery reports I believe are just the delivery receipts which a user can request when sending a message to confirm the message was delivered.
-tigermatt
Delivery reports I believe are just the delivery receipts which a user can request when sending a message to confirm the message was delivered.
-tigermatt
We're a shop that has over 30 Exchange boxes across the globe, and have never gotten blacklisted as a result of having these features disabled.
ASKER
ajavery - what are you using for Anti Spam measures on your Exchange boxes?
We use an external service based solution for all inbound mail to the enterprise. That setup is also configured to *not* send delivery or non-delivery reports.
To avoid the issues of disabling NDRs, why not just filter out unknown recipients? This will save server resources, since this filter occurs at the SMTP communication level and the NDR nor the message data/content is ever transferred, the message is immediately rejected when a bad address is entered.
http://www.amset.info/exchange/filter-unknown.asp
This is by far a better solution to accepting the mail and not generating an NDR. If a legitimate business message wants to get through, but the sender typed the address incorrect, consider the potential loss to your business if the sender isn't notified of the mistake.
Also on the link above is a feature called the tar pit (bottom of page) which slows the response of your server so it makes it very time consuming for a spammer to try to work out your email addresses by trying to send to hundreds of addresses and seeing which ones are rejected.
-tigermatt
http://www.amset.info/exchange/filter-unknown.asp
This is by far a better solution to accepting the mail and not generating an NDR. If a legitimate business message wants to get through, but the sender typed the address incorrect, consider the potential loss to your business if the sender isn't notified of the mistake.
Also on the link above is a feature called the tar pit (bottom of page) which slows the response of your server so it makes it very time consuming for a spammer to try to work out your email addresses by trying to send to hundreds of addresses and seeing which ones are rejected.
-tigermatt
ASKER
Tigermatt -
regarding filtering out unknown recipients - we do that..and we tarpit as well...but the spam keeps on flowing in to legitimate email accounts....
Death to spammers
regarding filtering out unknown recipients - we do that..and we tarpit as well...but the spam keeps on flowing in to legitimate email accounts....
Death to spammers
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.