We are being attacked by someone exploiting the reverse NDR issue in exchange 2003. I have followed all the instructions at http://support.microsoft.com/default.aspx?scid=kb;EN-US;886208
, but exchange still sends out NDR's for email addresses that are not valid in the domain.
I have checked and tripple checked the settings and they are correct as according to the KB article. Is there something else that could be causing this.
The server is an SBS 2003 machine with all the latest service packs installed. There are no ports open on the firewall/router and exchange is configured to pop email from a catch all account.