[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 172
  • Last Modified:

Looping condition

Hi I have a 2003 exchnage enviroment and in our config we have a few public facing SMTP servers that our MX records are pointed to and what is happening is when a bogus email address mx record hits our SMTP server the SMTP server hands it off to exchnage and exchange can not deliver the message and it seems like it is sending it back to SMTP and SMTP is sending it right back. Is there a way I can correct this in exchnage so when a bogus email address comes in that Exchnage drops it instead of bouncing it back to the SMTP server? I thought about lowering the hop count but I do not  want to cause legimit email to be droped because of that any ideas?
1 Solution
This is not an Exchange problem.
Your public facing servers are not conforming to the SMTP standards and relaying the NDR back.

If the Exchange servers were public facing, then I would recommend enabling recipient filtering. This stops the messages at the SMTP stage, so they aren't even delivered.
If you are using something else for email delivery, then I would look to see if you can use LDAP lookup to filter recipients at the gateway.

Some people would suggest disabling NDR generation.
I don't tend to recommend this, because it means that legitimate NDRs are also not generated. However as your public facing servers aren't allowed the NDRs out, it becomes a debatable point.

You should really sort out the NDR handling on the public facing servers. Do you want to tell the sale manager that a six figure order was missed because the sender got a spelling incorrect and didn't get an NDR saying so, and therefore presumed that the order was ignored?

I must say this could be a Reverse NDR SPAM issue.

Try and setup Sender / recipient filtering. This would really help cut a lot of SPAM.

I would also suggest considering Connection filtering and add free DNS blocking providers like "SORBS" or "SPAMCORP".

Check KB pasted below;

How to configure connection filtering to use Realtime Block Lists (RBLs) and how to configure recipient filtering in Exchange 2003

Connection filtering would help you curb a lot of dynamic IP's listed with popular DNS blocking organizations and also known SPAM originating IP's.


Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now