rid
asked on
Disabling NDR's on Exchange server
HI all.
I had a discussion with our IT consultants and it makes me want to ask a few questions:
1. If you send a message to baduser@domain.org and baduser doesn't exist, the domain.org mailserver can cut off the SMTP dialogue by saying: "550: user unknown" (or similar) and that is an end of the conversation.
Is this correct?
2. Assuming the above is correct, you can expect a failure report from YOUR mail server, as it concludes there is no recipient with the baduser address, IF your mail server is built to do this. This message is not generated externally.
Is this correct?
3. Exchange mail servers seem to go about this in another manner. They (seem to ) accept incoming mail even if the address is bad and then they create an NDR which is dispatched to the return address of the original message.
Is this correct?
The discussion appeared as I (being "postmaster" of our domain) got a number of NDR's in return from servers that also sent NDR's for bad addresses.... The original message was of course an incoming SPAM message with a spoofed sender, one that had a valid domain name but a bad username... I proposed to switch off NDR's, but our consultants balked at that. I see no real value in NDR's, why don't they like the thoght of switching them off?
Hope the questions are clear enough (looks a bit tangled now, but anyhow).
/RID
I had a discussion with our IT consultants and it makes me want to ask a few questions:
1. If you send a message to baduser@domain.org and baduser doesn't exist, the domain.org mailserver can cut off the SMTP dialogue by saying: "550: user unknown" (or similar) and that is an end of the conversation.
Is this correct?
2. Assuming the above is correct, you can expect a failure report from YOUR mail server, as it concludes there is no recipient with the baduser address, IF your mail server is built to do this. This message is not generated externally.
Is this correct?
3. Exchange mail servers seem to go about this in another manner. They (seem to ) accept incoming mail even if the address is bad and then they create an NDR which is dispatched to the return address of the original message.
Is this correct?
The discussion appeared as I (being "postmaster" of our domain) got a number of NDR's in return from servers that also sent NDR's for bad addresses.... The original message was of course an incoming SPAM message with a spoofed sender, one that had a valid domain name but a bad username... I proposed to switch off NDR's, but our consultants balked at that. I see no real value in NDR's, why don't they like the thoght of switching them off?
Hope the questions are clear enough (looks a bit tangled now, but anyhow).
/RID
ASKER
OK. Thanks for your input.
Our situation is such that we are not depending on incoming e-mail for business, that is, we're not getting any customers or so by e-mail contact. E-mail contatcs are more or less by request and we take care to leave correct address data to external parties.
I would prefer if our server just said "550: user unknown <baduser@domain.com>" and rejected the message, than to have it generate an NDR that in many cases don't have a proper return path anyway. Then it would be up to the originating server to notify clients that their mail didn't go through, locally. To me it seems less waste of the bandwidth...
I'll keep this open a while and see if there are other comments.
Cheers
/RID
Our situation is such that we are not depending on incoming e-mail for business, that is, we're not getting any customers or so by e-mail contact. E-mail contatcs are more or less by request and we take care to leave correct address data to external parties.
I would prefer if our server just said "550: user unknown <baduser@domain.com>" and rejected the message, than to have it generate an NDR that in many cases don't have a proper return path anyway. Then it would be up to the originating server to notify clients that their mail didn't go through, locally. To me it seems less waste of the bandwidth...
I'll keep this open a while and see if there are other comments.
Cheers
/RID
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry about this. The issue is a bit confusing still, but the suggestions are relevant. I will close this, accepting upul007. Thanks!
/RID
/RID
Sometimes the email will never even leave the server. if baduser@domain.org does not exist the email will get a message like below.
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
<stars.starsinc.com #5.1.1 smtp;550 5.1.1 <lord.marcus@dracula.com>.
That is if you have youre own server.
If it is a relay server that catches the email, then the NDR will get generated from there.
It's a bit complicated but off the cuff it is correct.
2. Yes
3. Our Exchange does not accept emails and then generate the NDR like you state. It simply says that there is no such user and then the senders server pops an answer as below.
This is an automatically generated Delivery Status Notification
Delivery to the following recipient failed permanently:
selesthina@startsinc.com
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 550 5.1.1 User unknown
----- Original message -----
Received: by 10.49.11.2 with SMTP id o2mr738687nfi;
Wed, 12 Apr 2006 02:11:39 -0700 (PDT)
Received: by 10.49.30.3 with HTTP; Wed, 12 Apr 2006 02:11:39 -0700 (PDT)
Message-ID: <20ab6beb0604120211x776cfe
Date: Wed, 12 Apr 2006 15:11:39 +0600
From: "Upul Ratnayaka" <upul.ratnayaka@*****.com>
To: selesthina@startsinc.com
Subject: test NDR
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_1054_
*****
However we did run another software which accepted all emails and then if the message was not accepted by exchange, an NDR (which we were able to customize) was sent off that application.
On the last part of your post, I am expressing my views. I get copies of all undeliverable messages from about 70 users. It just makes my hair go grey just to go through those. Plus I also assist external senders to troubleshoot issues which they have when sending us emails. There are any mistakes there.
If as a corporate house which holds the confidence of it's clients in high esteem, and where they do not send emails properly and do not know that this had happened, we shall surely miss the business.
Internally if Exchange is set not to generate NDR's to internal senders that their email had not gone to the recepient, they will not know until the client calls up that their email had not gone.
Overall NDR's had helped us troubleshoot a lot of internal and external issues. I stand by what your consultant said regarding keeping this function.
Just a thought for you,
Upul