Go Premium for a chance to win a PS4. Enter to Win


Exchange, Spam and not bouncing mail

Posted on 2006-12-01
Medium Priority
Last Modified: 2010-03-06
Seems like the world is being particularly inundated with spam the last month or so.  Especially, all of that darn picture attachment junk.  Our company is a media/printing outlet and I just cant block these sorts of attachments, the text is too random, filters are not getting it etc.  Probably the same problems alot of people are having.  Anyway, I am seeing alot of traffic hitting our exchange server for bad addresses and I do not have the capability at this time of doing an LDAP lookup before the exchange server.  What can I do to stop exchange from sending bounces on this type of mail? This will allow me to virtually cut in half the server load created by this type of junk until I can do something better before email hits the server.  Input?  Any other ideas?  I just cannot find any configuration options on exchange on how I can set up the way it treats error codes and return email's to senders.

For background this is our current email flow:

World -> Postini -> external mail filter (linux postfix) -> internal mail gateway (SAV for gateways, ver 9.  I have a 10 licnese but have not upgraded yet) -> Exchange with SAV 9 for exchange installed (again, have 10 license not installed yet).  Even with all of these stops along the way an inordinante amount of spam is getting through and it's really taxing the hardware.

Thanks in advance!
Question by:ChrisGrable
LVL 10

Expert Comment

ID: 18054287
To start is most of your spam sent to people that do not exist and causing exessive amounts of NDR's.  If so try recipiant filtering and tarpitting in exchange to reduce those problems.  Filter recipiants who arent in the directory.  I have had good luck with a combo of IMF in Exchange and Mail Security / Mail Essentials from GFI.
LVL 16

Expert Comment

ID: 18054344
you will probably need to do a spam cleanup first of all check this out
i am not sure about the linux postfix and its features
i would give the GFI a go-there is a free trial on their site now and it deals with recipient filtering etc very well

Author Comment

ID: 18054394
"To start is most of your spam sent to people that do not exist and causing exessive amounts of NDR's.  If so try recipiant filtering and tarpitting in exchange to reduce those problems.  Filter recipiants who arent in the directory."

Sorry, my exchange skills are a bit weak.  Could you elaborate a bit on the process in sys manager.  Macro level explanation is fine, I am not completely dull to the options available, just have not done this at any point.

Spam is both coming through to users who do not exist and those who do, it's a mix.  I was just trying to think of a way to cut down on some server load due to the increased traffic.  Seems if I could drop some of these early or at least turn off bounce emails it would help.

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

LVL 10

Expert Comment

ID: 18054460
If you are running Exchange 2003, you can create a recipiant filter.  This is done in ESM under delivery options, recipiant filtering.  Check the box, filter recpiants who are not listed in the directory.

You must then apply this to your smtp virtual server.  Under Servers, your server, protocols, smtp, right click and go to properties.  Click advanced on the gneral tab.  Click edit, and then check the box for apply recipiant filtering.

You should also consider using smtp tar pitting to protect against directory harvest attacks.

If you are not using Exchange 2003 try GFI Mail Essentials it works quite well.

I am not sure how this will effect the postfix gateway, but this will help exchange.

Author Comment

ID: 18054506
I am running Exchange 2003 on W2K3.  Will give this a try and report back.  Still open to other ideas while I am working on this item.

LVL 104

Accepted Solution

Sembee earned 1500 total points
ID: 18054918
Unfortunately the posters above have given you false hope by failing to read fully your setup.

Recipient filtering is not going to help very much as you have too much in front of the Exchange server. There are at least four hops before the Exchange server and for recipient filtering to be effective the Exchange server needs to be the point of delivery. In this case that is Postini. If you configure recipient filtering in the current environment there is a good chance that you will either crash your gateway machine or Postini will be annoyed with you.

As you are using Postini, you need to drop the messages there. Look at providing Postini a list of valid users. I am pretty sure that they will have the facility in their service to do that.

Have you restricted your firewall so that email can only come in from Postini? Doesn't matter if your MX records do not point to your site or not, if the restriction isn't there then the spammers will send their messages.

LVL 10

Expert Comment

ID: 18054956
Postini should drop the message if the final destination fails to recieve it after a period of days.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question