Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

No NDR's when sending to non-existent external address

Posted on 2006-10-28
5
Medium Priority
?
627 Views
Last Modified: 2010-05-18
Hi all,

For some unknown reason our exchange 2003 server has stopped sending NDR's when an email is sent externally to an address which does not exist, but does if an email is sent internally to an address which does not exist, i.e.

Send an email to xxx@mydomain.com (an address which does not exist internally) and exchange reports a NDR

Send an email to xxx@notmydomain.com (an address which does not exist externally) and exchange does not report a NDR.

I have checked that no filters are applied in Global Settings > Message Delivery.  I have also set it to send a copy of any NDR's to my account and nothing comes through when sending an email to an invalid external address.  Allow non-delivery reports is also ticked in Global Settings > Internet message format

The server is up to date with all updates, etc.

Hoping you can help
0
Comment
Question by:adolphus850
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:flyguybob
ID: 17826593
Adolphus -
Have you tried this with an external account, such as a Hotmail account?  It could be that some locations have turned off their NDRs.
The setting that you set, allow non-delivery reports, is for senders external to your organization attempting to send inside your org.
If you try bob@notadomainwhichreallyreallyexistsbutactuallydoesnot.com, you should get an NDR.
...and if your Exchange server is front-ended by another SMTP server(s), say that of your ISP, they may block the NDRs to prevent NDR attacks, such as those related where they spoof an address, such as CEO@Mycompany.com and the reply-to is CEO@mycompany.com.  That address does not exist, so it floods the postmaster mailbox.

Bob
0
 
LVL 5

Author Comment

by:adolphus850
ID: 17828336
Hi Bob,

That's my understanding of it too.  If i send an email to bob@notadomainwhichreallyreallyexistsbutactuallydoesnot.com, i should get a NDR but i'm not.

I've turned on the following diagnostics logging but nothing is showing up in the event log either:

Routing Engine\Service - Maximum
Categorizer - Maximum
SMTP Protocol - Maximum
NDR - Maximum

I can see the categorizer realise that its for another domain and firing the message off, but i would assume that at this point a NDR event should be generated indicating that exchange could not find the address.

Adol
0
 
LVL 24

Accepted Solution

by:
flyguybob earned 2000 total points
ID: 17840024
Do this...
Go to your Exchange server, or Exchange front-end.
Open a command prompt
type nslookup
type set type=mx
type gmail.com
The lowest preference should be
gmail.com       MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
type set type=a
gmail-smtp-in.l.google.com
You should get - 72.14.205.27


type Telnet gmail-smtp-in.l.google.com 25
See if this comes up:
220 mx.google.com ESMTP somethinghere

If so, you are not being proxied.
Send an e-mail to an external account (you can do something similar to the above) and look at the headers.  Look to see if there is something between your server and the first hop of the remote system (in this case the gmail-smtp-in.l.google.com 72.14.205.27 address).
Do the same on a message from the outside in.  See if there is something between their system and your system.

If you are using a firewall with mail control software, see if it has a protection provision to suppress NDRs.  Check the same for your anti-virus and anti-spam software, if you are (hopefully) running some.

0
 
LVL 5

Author Comment

by:adolphus850
ID: 17862348
Hi bob,

I'll accept your answer there.  We relay our mail before it leaves our organisation to another machine which adds on the disclaimer.  The antivirus on the 'disclaimer' machine appears to be blocking the response to exchange which would normally trigger a NDR.  I assume this traffic must be slightly different to a read or delivery receipt, etc. as we have been getting those fine.

Many thanks for your help and pointing in the right direction,

Adol
0
 
LVL 24

Expert Comment

by:flyguybob
ID: 17862434
Thanks.  That relay will be what is blocking the NDR.  The key is to find, from the vendor, if it is an anti-spam setting, a message defense setting, or if it is not a setting at all.  If you want to post the vendor information, I would be more than happy to dig through their website and/or documentation to find the reference as to why it is doing this.  If not, thanks a bunch for the A grade and the response!
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question