Disabling NDR's on Exchange server

Posted on 2006-04-10
Last Modified: 2008-03-31
HI all.

I had a discussion with our IT consultants and it makes me want to ask a few questions:

1. If you send a message to and baduser doesn't exist, the mailserver can cut off the SMTP dialogue by saying: "550: user unknown" (or similar) and that is an end of the conversation.
Is this correct?

2. Assuming the above is correct, you can expect a failure report from YOUR mail server, as it concludes there is no recipient with the baduser address, IF your mail server is built to do this. This message is not generated externally.
Is this correct?

3. Exchange mail servers seem to go about this in another manner. They (seem to ) accept incoming mail even if the address is bad and then they create an NDR which is dispatched to the return address of the original message.
Is this correct?

The discussion appeared as I (being "postmaster" of our domain) got a number of NDR's in return from servers that also sent NDR's for bad addresses.... The original message was of course an incoming SPAM message with a spoofed sender, one that had a valid domain name but a bad username... I proposed to switch off NDR's, but our consultants balked at that. I see no real value in NDR's, why don't they like the thoght of switching them off?

Hope the questions are clear enough (looks a bit tangled now, but anyhow).
Question by:rid
    LVL 17

    Expert Comment

    1. This is subjective. If there is a catch all email enabled all emails to will get through. The NDR generation may or may not happen depending on the setting.

    Sometimes the email will never even leave the server. if does not exist the email will get a message like below.

    The e-mail account does not exist at the organization this message was sent to.  Check the e-mail address, or contact the recipient directly to find out the correct address.
        < #5.1.1 smtp;550 5.1.1 <>... User unknown>

    That is if you have youre own server.

    If it is a relay server that catches the email, then the NDR will get generated from there.

    It's a bit complicated but off the cuff it is correct.

    2. Yes

    3. Our Exchange does not accept emails and then generate the NDR like you state. It simply says that there is no such user and then the senders server pops an answer as below.

    This is an automatically generated Delivery Status Notification

    Delivery to the following recipient failed permanently:

    Technical details of permanent failure:
    PERM_FAILURE: SMTP Error (state 9): 550 5.1.1 User unknown

      ----- Original message -----

    Received: by with SMTP id o2mr738687nfi;
           Wed, 12 Apr 2006 02:11:39 -0700 (PDT)
    Received: by with HTTP; Wed, 12 Apr 2006 02:11:39 -0700 (PDT)
    Message-ID: <>
    Date: Wed, 12 Apr 2006 15:11:39 +0600
    From: "Upul Ratnayaka" <upul.ratnayaka@*****.com>
    Subject: test NDR
    MIME-Version: 1.0
    Content-Type: multipart/alternative;


    However we did run another software which accepted all emails and then if the message was not accepted by exchange, an NDR (which we were able to customize) was sent off that application.

    On the last part of your post, I am expressing my views. I get copies of all undeliverable messages from about 70 users. It just makes my hair go grey just to go through those. Plus I also assist external senders to troubleshoot issues which they have when sending us emails. There are any mistakes there.

    If as a corporate house which holds the confidence of it's clients in high esteem, and where they do not send emails properly and do not know that this had happened, we shall surely miss the business.

    Internally if Exchange is set not to generate NDR's to internal senders that their email had not gone to the recepient, they will not know until the client calls up that their email had not gone.

    Overall NDR's had helped us troubleshoot a lot of internal and external issues. I stand by what your consultant said regarding keeping this function.

    Just a thought for you,

    LVL 31

    Author Comment

    OK. Thanks for your input.

    Our situation is such that we are not depending on incoming e-mail for business, that is, we're not getting any customers or so by e-mail contact. E-mail contatcs are more or less by request and we take care to leave correct address data to external parties.

    I would prefer if our server just said "550: user unknown <>" and rejected the message, than to have it generate an NDR that in many cases don't have a proper return path anyway. Then it would be up to the originating server to notify clients that their mail didn't go through, locally. To me it seems less waste of the bandwidth...

    I'll keep this open a while and see if there are other comments.

    LVL 17

    Accepted Solution


    the link relates to exchange server 2003,

    I think the second para may have a solution for the bandwidth usage due to NDR's.

     Step 2: Configure recipient filtering in Exchange Server 2003
    In the default Exchange configuration, e-mail that is sent to name of your e-mail is accepted as local regardless of the e-mail alias that the message is addressed to. The e-mail alias is the part of the e-mail address that is on the left side of the at (@) symbol. If an e-mail message is sent to an alias that is not valid, the Simple Mail Transfer Protocol (SMTP) service receives the whole message, and then queries the Active Directory directory service for a user or a distribution group that has a matching e-mail alias. For example, if an e-mail message is sent to invalid user name@name of your e-mail, SMTP queries Active Directory for a user or a distribution group that has the invalid user name@name of your e-mail alias. However, if the e-mail alias does not exist, Exchange tries to send an NDR to the original e-mail message sender. This can cause many messages, queues, or both, to appear in Exchange System Manager.

    After you enable recipient filtering, Exchange validates the e-mail address before Exchange accepts the e-mail message. In this scenario, if no match for this e-mail alias appears in Active Directory, an NDR is still generated. However, in this scenario, it is the responsibility of the sending SMTP server instead of your Exchange server to generate and to deliver the NDR.
    Note Recipient filtering is only available in Exchange 2003 Server.

    Hope this helps.

    LVL 31

    Author Comment

    Sorry about this. The issue is a bit confusing still, but the suggestions are relevant. I will close this, accepting upul007. Thanks!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    I tend toward trying the newest hardware and software.  Thiss sometimes works out to my benefit, and sometimes not.  Because I downloaded and installed Android 5.x (…
    Pegasus Mail ( is a donation ware that is a collaboration of David Harris along with his team members. It is a desktop mail client that offers the option of configuring more than one mail account with single set up. It supports…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now