• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6030
  • Last Modified:

Disabling NDR's on Exchange server

HI all.

I had a discussion with our IT consultants and it makes me want to ask a few questions:

1. If you send a message to baduser@domain.org and baduser doesn't exist, the domain.org mailserver can cut off the SMTP dialogue by saying: "550: user unknown" (or similar) and that is an end of the conversation.
Is this correct?

2. Assuming the above is correct, you can expect a failure report from YOUR mail server, as it concludes there is no recipient with the baduser address, IF your mail server is built to do this. This message is not generated externally.
Is this correct?

3. Exchange mail servers seem to go about this in another manner. They (seem to ) accept incoming mail even if the address is bad and then they create an NDR which is dispatched to the return address of the original message.
Is this correct?

The discussion appeared as I (being "postmaster" of our domain) got a number of NDR's in return from servers that also sent NDR's for bad addresses.... The original message was of course an incoming SPAM message with a spoofed sender, one that had a valid domain name but a bad username... I proposed to switch off NDR's, but our consultants balked at that. I see no real value in NDR's, why don't they like the thoght of switching them off?

Hope the questions are clear enough (looks a bit tangled now, but anyhow).
/RID
0
rid
Asked:
rid
  • 2
  • 2
1 Solution
 
upul007Commented:
1. This is subjective. If there is a catch all email enabled all emails to whatevername@domain.com will get through. The NDR generation may or may not happen depending on the setting.

Sometimes the email will never even leave the server. if baduser@domain.org does not exist the email will get a message like below.

The e-mail account does not exist at the organization this message was sent to.  Check the e-mail address, or contact the recipient directly to find out the correct address.
    <stars.starsinc.com #5.1.1 smtp;550 5.1.1 <lord.marcus@dracula.com>... User unknown>

That is if you have youre own server.

If it is a relay server that catches the email, then the NDR will get generated from there.

It's a bit complicated but off the cuff it is correct.

2. Yes

3. Our Exchange does not accept emails and then generate the NDR like you state. It simply says that there is no such user and then the senders server pops an answer as below.

This is an automatically generated Delivery Status Notification

Delivery to the following recipient failed permanently:

    selesthina@startsinc.com

Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 550 5.1.1 User unknown

  ----- Original message -----

Received: by 10.49.11.2 with SMTP id o2mr738687nfi;
       Wed, 12 Apr 2006 02:11:39 -0700 (PDT)
Received: by 10.49.30.3 with HTTP; Wed, 12 Apr 2006 02:11:39 -0700 (PDT)
Message-ID: <20ab6beb0604120211x776cfe9cr62e1fac6373163b2@mail.gmail.com>
Date: Wed, 12 Apr 2006 15:11:39 +0600
From: "Upul Ratnayaka" <upul.ratnayaka@*****.com>
To: selesthina@startsinc.com
Subject: test NDR
MIME-Version: 1.0
Content-Type: multipart/alternative;
       boundary="----=_Part_1054_19620805.1144833099402"

*****

However we did run another software which accepted all emails and then if the message was not accepted by exchange, an NDR (which we were able to customize) was sent off that application.

On the last part of your post, I am expressing my views. I get copies of all undeliverable messages from about 70 users. It just makes my hair go grey just to go through those. Plus I also assist external senders to troubleshoot issues which they have when sending us emails. There are any mistakes there.

If as a corporate house which holds the confidence of it's clients in high esteem, and where they do not send emails properly and do not know that this had happened, we shall surely miss the business.

Internally if Exchange is set not to generate NDR's to internal senders that their email had not gone to the recepient, they will not know until the client calls up that their email had not gone.

Overall NDR's had helped us troubleshoot a lot of internal and external issues. I stand by what your consultant said regarding keeping this function.

Just a thought for you,

Upul
0
 
ridAuthor Commented:
OK. Thanks for your input.

Our situation is such that we are not depending on incoming e-mail for business, that is, we're not getting any customers or so by e-mail contact. E-mail contatcs are more or less by request and we take care to leave correct address data to external parties.

I would prefer if our server just said "550: user unknown <baduser@domain.com>" and rejected the message, than to have it generate an NDR that in many cases don't have a proper return path anyway. Then it would be up to the originating server to notify clients that their mail didn't go through, locally. To me it seems less waste of the bandwidth...

I'll keep this open a while and see if there are other comments.

Cheers
/RID
0
 
upul007Commented:
Hi,

the link http://support.microsoft.com/?kbid=886208 relates to exchange server 2003,

I think the second para may have a solution for the bandwidth usage due to NDR's.

 Step 2: Configure recipient filtering in Exchange Server 2003
In the default Exchange configuration, e-mail that is sent to name of your e-mail domain.com is accepted as local regardless of the e-mail alias that the message is addressed to. The e-mail alias is the part of the e-mail address that is on the left side of the at (@) symbol. If an e-mail message is sent to an alias that is not valid, the Simple Mail Transfer Protocol (SMTP) service receives the whole message, and then queries the Active Directory directory service for a user or a distribution group that has a matching e-mail alias. For example, if an e-mail message is sent to invalid user name@name of your e-mail domain.com, SMTP queries Active Directory for a user or a distribution group that has the invalid user name@name of your e-mail domain.com alias. However, if the e-mail alias does not exist, Exchange tries to send an NDR to the original e-mail message sender. This can cause many messages, queues, or both, to appear in Exchange System Manager.

****************
After you enable recipient filtering, Exchange validates the e-mail address before Exchange accepts the e-mail message. In this scenario, if no match for this e-mail alias appears in Active Directory, an NDR is still generated. However, in this scenario, it is the responsibility of the sending SMTP server instead of your Exchange server to generate and to deliver the NDR.
****************
Note Recipient filtering is only available in Exchange 2003 Server.

Hope this helps.

Upul
0
 
ridAuthor Commented:
Sorry about this. The issue is a bit confusing still, but the suggestions are relevant. I will close this, accepting upul007. Thanks!
/RID
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now