Undeliverable spam mail from the System Administrator clogging inbox that was never sent in the first place

Posted on 2004-11-11
Last Modified: 2010-05-18
A collegue of mine is receiving hundreds of emails from the system administrator in his inbox with the subject: "Undeliverable" at the begining.

The problem is that the emails are caused by sending mail to a non-existent email address. However he is not sending any emails to any of the addresses. We think there is a virus on an external computer that has his email address and is sending out hundreds of email to 'made-up' email addresses. When these email addresses get rejected then he is receiving all the Undeliverable messages in his inbox.

Is there anyway to either
1. prevent the mail at our end
2. stop the system administrator emails
3. automatically move the system administrator emails to a seperate folder.
4. any other suggestions....

I have tried setting up a rule in Microsoft office but this will not work as it says it's an internal email.
We are running Microsoft Exchange.

Question by:Craig4
    1 Comment
    LVL 104

    Accepted Solution

    Which version of Exchange?

    This sounds like an NDR attack.
    First thing I would do is disable system administrator messages on the SMTP virtual server.

    On the Messages tab, clear the box "Send copy of Non-Delivery Report to:"
    You may want to disable NDRs in ESM as well.

    Have you looked at the queues? There may be a large number of messages waiting which would also indicate that they are being sent through your server.

    There are some other options, but further diagnostics is dependant on the Exchange version and what is in the queues.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Want to promote your upcoming event?

    Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

    Suggested Solutions

    Title # Comments Views Activity
    Exchange 2010 DAG 6 22
    Event 9327, MSExchangeSA 1 21
    exchange 2007, outlook, active directory 6 12
    Learn more about how the humble email signature can be used as more than just an electronic business card. When used correctly, a signature can easily be tailored for different purposes by different departments within an organization.
    Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
    In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now