Solved

Under spam attack, want to reject NDR's

Posted on 2008-06-20
4
750 Views
Last Modified: 2012-08-13
I'm under a spam attack at the moment - I've just been flooded with NDR's.  I've already installed Service Pack 2, so I've set up connection filtering and intelligent message filtering, but not SenderID or the stricter methods, such as rejecting non-specific e-mail addresses (I need to be able to accept e-mails sent to 'info@' etc.)

The problem is, because these are NDR's, they're getting through: so firstly, is there any way I can configure Exchange to bury the NDR's silently in order to relieve the symptoms, and secondly, what other hardening techniques do you recommend that I apply?

Mark
0
Comment
Question by:Techdivision
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:fadiramada
ID: 21830657
Hi Mark,

I have had the NDR flood attack on my domain two weeks ago. Have you tried tar pitting? Please see the following Microsoft article for mor information:

http://support.microsoft.com/kb/842851

Hope this helps,

Fadi.
0
 

Author Comment

by:Techdivision
ID: 21830942
Thanks Fadi - The problem is that I'm on the receiving end of the NDR reports; it's not that my server is sending them out.  Looking through that support base article, it looks like tar-pitting is a solution to stop my server from sending them out, which it isn't actually doing.  Or have I read the article wrong?
0
 
LVL 3

Accepted Solution

by:
fadiramada earned 500 total points
ID: 21831081
No, I just misunderstood your question. I thought the NDR's were originating from your server, sorry :-)

I understand now what you mean. I believe that a certain RFC says that your server must receive NDR's destined to it, I would then focus on filtering the NDR's out immediately after receipt. A very good software for this is Vamsoft's ORF (www.vamsoft.com) - There is a free 30-day trial that you can download from their website and their software is very reasonably priced.

I would try downloading ORF as a 30 day trial and installing it on your exchange box, see if that doesn't take care of the flood of NDR's you are receiving. You should see an immediate improvement.

Thanks,

Fadi.
0
 

Author Closing Comment

by:Techdivision
ID: 31469110
Thank you, will give that one a try.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Easy CSR creation in Exchange 2007,2010 and 2013
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now