Solved

Under spam attack, want to reject NDR's

Posted on 2008-06-20
4
763 Views
Last Modified: 2012-08-13
I'm under a spam attack at the moment - I've just been flooded with NDR's.  I've already installed Service Pack 2, so I've set up connection filtering and intelligent message filtering, but not SenderID or the stricter methods, such as rejecting non-specific e-mail addresses (I need to be able to accept e-mails sent to 'info@' etc.)

The problem is, because these are NDR's, they're getting through: so firstly, is there any way I can configure Exchange to bury the NDR's silently in order to relieve the symptoms, and secondly, what other hardening techniques do you recommend that I apply?

Mark
0
Comment
Question by:Techdivision
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:fadiramada
ID: 21830657
Hi Mark,

I have had the NDR flood attack on my domain two weeks ago. Have you tried tar pitting? Please see the following Microsoft article for mor information:

http://support.microsoft.com/kb/842851

Hope this helps,

Fadi.
0
 

Author Comment

by:Techdivision
ID: 21830942
Thanks Fadi - The problem is that I'm on the receiving end of the NDR reports; it's not that my server is sending them out.  Looking through that support base article, it looks like tar-pitting is a solution to stop my server from sending them out, which it isn't actually doing.  Or have I read the article wrong?
0
 
LVL 3

Accepted Solution

by:
fadiramada earned 500 total points
ID: 21831081
No, I just misunderstood your question. I thought the NDR's were originating from your server, sorry :-)

I understand now what you mean. I believe that a certain RFC says that your server must receive NDR's destined to it, I would then focus on filtering the NDR's out immediately after receipt. A very good software for this is Vamsoft's ORF (www.vamsoft.com) - There is a free 30-day trial that you can download from their website and their software is very reasonably priced.

I would try downloading ORF as a 30 day trial and installing it on your exchange box, see if that doesn't take care of the flood of NDR's you are receiving. You should see an immediate improvement.

Thanks,

Fadi.
0
 

Author Closing Comment

by:Techdivision
ID: 31469110
Thank you, will give that one a try.
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Read this checklist to learn more about the 15 things you should never include in an email signature.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now