Solved

No NDR's when sending to non-existent external address

Posted on 2006-10-28
5
615 Views
Last Modified: 2010-05-18
Hi all,

For some unknown reason our exchange 2003 server has stopped sending NDR's when an email is sent externally to an address which does not exist, but does if an email is sent internally to an address which does not exist, i.e.

Send an email to xxx@mydomain.com (an address which does not exist internally) and exchange reports a NDR

Send an email to xxx@notmydomain.com (an address which does not exist externally) and exchange does not report a NDR.

I have checked that no filters are applied in Global Settings > Message Delivery.  I have also set it to send a copy of any NDR's to my account and nothing comes through when sending an email to an invalid external address.  Allow non-delivery reports is also ticked in Global Settings > Internet message format

The server is up to date with all updates, etc.

Hoping you can help
0
Comment
Question by:adolphus850
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:flyguybob
ID: 17826593
Adolphus -
Have you tried this with an external account, such as a Hotmail account?  It could be that some locations have turned off their NDRs.
The setting that you set, allow non-delivery reports, is for senders external to your organization attempting to send inside your org.
If you try bob@notadomainwhichreallyreallyexistsbutactuallydoesnot.com, you should get an NDR.
...and if your Exchange server is front-ended by another SMTP server(s), say that of your ISP, they may block the NDRs to prevent NDR attacks, such as those related where they spoof an address, such as CEO@Mycompany.com and the reply-to is CEO@mycompany.com.  That address does not exist, so it floods the postmaster mailbox.

Bob
0
 
LVL 5

Author Comment

by:adolphus850
ID: 17828336
Hi Bob,

That's my understanding of it too.  If i send an email to bob@notadomainwhichreallyreallyexistsbutactuallydoesnot.com, i should get a NDR but i'm not.

I've turned on the following diagnostics logging but nothing is showing up in the event log either:

Routing Engine\Service - Maximum
Categorizer - Maximum
SMTP Protocol - Maximum
NDR - Maximum

I can see the categorizer realise that its for another domain and firing the message off, but i would assume that at this point a NDR event should be generated indicating that exchange could not find the address.

Adol
0
 
LVL 24

Accepted Solution

by:
flyguybob earned 500 total points
ID: 17840024
Do this...
Go to your Exchange server, or Exchange front-end.
Open a command prompt
type nslookup
type set type=mx
type gmail.com
The lowest preference should be
gmail.com       MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
type set type=a
gmail-smtp-in.l.google.com
You should get - 72.14.205.27


type Telnet gmail-smtp-in.l.google.com 25
See if this comes up:
220 mx.google.com ESMTP somethinghere

If so, you are not being proxied.
Send an e-mail to an external account (you can do something similar to the above) and look at the headers.  Look to see if there is something between your server and the first hop of the remote system (in this case the gmail-smtp-in.l.google.com 72.14.205.27 address).
Do the same on a message from the outside in.  See if there is something between their system and your system.

If you are using a firewall with mail control software, see if it has a protection provision to suppress NDRs.  Check the same for your anti-virus and anti-spam software, if you are (hopefully) running some.

0
 
LVL 5

Author Comment

by:adolphus850
ID: 17862348
Hi bob,

I'll accept your answer there.  We relay our mail before it leaves our organisation to another machine which adds on the disclaimer.  The antivirus on the 'disclaimer' machine appears to be blocking the response to exchange which would normally trigger a NDR.  I assume this traffic must be slightly different to a read or delivery receipt, etc. as we have been getting those fine.

Many thanks for your help and pointing in the right direction,

Adol
0
 
LVL 24

Expert Comment

by:flyguybob
ID: 17862434
Thanks.  That relay will be what is blocking the NDR.  The key is to find, from the vendor, if it is an anti-spam setting, a message defense setting, or if it is not a setting at all.  If you want to post the vendor information, I would be more than happy to dig through their website and/or documentation to find the reference as to why it is doing this.  If not, thanks a bunch for the A grade and the response!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
how to add IIS SMTP to handle application/Scanner relays into office 365.

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question