Handling incoming NDR's from spam using spoofed address
Posted on 2006-11-17
I run an Exchange 2000 server for a small (25 employees) company. We have several applications in place to protect us from incoming Spam (Symantec Mail Security + iHateSpam) which do a pretty good job. However, these applications can not protect us from incoming NDR's that use an invalid spoofed address using our domain.
Lately, my Bad Mail queue has been processing over 1600 undeliverable NDR's per hour. This is causing a tremendous load on our server slowing down the delivery of legitimate mail. One day this week over 10,000 undeliverable messages were processed in 2 hours causing my Exchange Server to become unresponsive to local clients.
Is there anything that can be done to handle incoming mail with bad addresses other than Exchange's default behavior of multiple attempts to deliver?
I already have disabled the sending of NDR's to senders of incoming mail with bad addresses. I also have a daily At job that deletes the BadMail folder to keep it's size under control. This is not enough to keep my Exchange Server from bogging down trying to process all this bad mail.
If I can't find a workable solution we may be forced to move our email server to a hosting service which is not something management wants to do.
Your ideas are appreciated.
Thanks - JR