Solved

No NDR's when sending to non-existent external address

Posted on 2006-10-28
5
606 Views
Last Modified: 2010-05-18
Hi all,

For some unknown reason our exchange 2003 server has stopped sending NDR's when an email is sent externally to an address which does not exist, but does if an email is sent internally to an address which does not exist, i.e.

Send an email to xxx@mydomain.com (an address which does not exist internally) and exchange reports a NDR

Send an email to xxx@notmydomain.com (an address which does not exist externally) and exchange does not report a NDR.

I have checked that no filters are applied in Global Settings > Message Delivery.  I have also set it to send a copy of any NDR's to my account and nothing comes through when sending an email to an invalid external address.  Allow non-delivery reports is also ticked in Global Settings > Internet message format

The server is up to date with all updates, etc.

Hoping you can help
0
Comment
Question by:adolphus850
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:flyguybob
Comment Utility
Adolphus -
Have you tried this with an external account, such as a Hotmail account?  It could be that some locations have turned off their NDRs.
The setting that you set, allow non-delivery reports, is for senders external to your organization attempting to send inside your org.
If you try bob@notadomainwhichreallyreallyexistsbutactuallydoesnot.com, you should get an NDR.
...and if your Exchange server is front-ended by another SMTP server(s), say that of your ISP, they may block the NDRs to prevent NDR attacks, such as those related where they spoof an address, such as CEO@Mycompany.com and the reply-to is CEO@mycompany.com.  That address does not exist, so it floods the postmaster mailbox.

Bob
0
 
LVL 5

Author Comment

by:adolphus850
Comment Utility
Hi Bob,

That's my understanding of it too.  If i send an email to bob@notadomainwhichreallyreallyexistsbutactuallydoesnot.com, i should get a NDR but i'm not.

I've turned on the following diagnostics logging but nothing is showing up in the event log either:

Routing Engine\Service - Maximum
Categorizer - Maximum
SMTP Protocol - Maximum
NDR - Maximum

I can see the categorizer realise that its for another domain and firing the message off, but i would assume that at this point a NDR event should be generated indicating that exchange could not find the address.

Adol
0
 
LVL 24

Accepted Solution

by:
flyguybob earned 500 total points
Comment Utility
Do this...
Go to your Exchange server, or Exchange front-end.
Open a command prompt
type nslookup
type set type=mx
type gmail.com
The lowest preference should be
gmail.com       MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
type set type=a
gmail-smtp-in.l.google.com
You should get - 72.14.205.27


type Telnet gmail-smtp-in.l.google.com 25
See if this comes up:
220 mx.google.com ESMTP somethinghere

If so, you are not being proxied.
Send an e-mail to an external account (you can do something similar to the above) and look at the headers.  Look to see if there is something between your server and the first hop of the remote system (in this case the gmail-smtp-in.l.google.com 72.14.205.27 address).
Do the same on a message from the outside in.  See if there is something between their system and your system.

If you are using a firewall with mail control software, see if it has a protection provision to suppress NDRs.  Check the same for your anti-virus and anti-spam software, if you are (hopefully) running some.

0
 
LVL 5

Author Comment

by:adolphus850
Comment Utility
Hi bob,

I'll accept your answer there.  We relay our mail before it leaves our organisation to another machine which adds on the disclaimer.  The antivirus on the 'disclaimer' machine appears to be blocking the response to exchange which would normally trigger a NDR.  I assume this traffic must be slightly different to a read or delivery receipt, etc. as we have been getting those fine.

Many thanks for your help and pointing in the right direction,

Adol
0
 
LVL 24

Expert Comment

by:flyguybob
Comment Utility
Thanks.  That relay will be what is blocking the NDR.  The key is to find, from the vendor, if it is an anti-spam setting, a message defense setting, or if it is not a setting at all.  If you want to post the vendor information, I would be more than happy to dig through their website and/or documentation to find the reference as to why it is doing this.  If not, thanks a bunch for the A grade and the response!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now