Exchange 2003 mail account flooded with NDR reports

Posted on 2008-11-11
Medium Priority
Last Modified: 2012-08-14
A mail account on a Windows/Exchange 2003 server is getting flooded with NDR reports.  The server comes clean as a non-relay and the NDR's are coming in from all over.  How is the best way to block this?
Question by:dmoring
  • 3
LVL 15

Accepted Solution

tntmax earned 1000 total points
ID: 22932707
What are the NDRs to? Is there anything in the outbound queue that does not look right?

Author Comment

ID: 22932742
I will need to look - they are all similiar and spam (Subject, etc.) but from different IP's.  I will look in the outbound queue and see what I can, but I think the original emails are coming from another infected machine (not under my control).  Is there a way to stop the NDR from getting to the recipient?

Assisted Solution

kdtresh earned 1000 total points
ID: 22932830
Here's how to do it in Exchange 2007, I don't have a 2003 console to check if you can do something similar.


The idea is to set up two transport rules: one to tag all outbound messages with a unique tag that only you know, and the other to check all inbound NDR messages (which should include the header) to make sure your unique tag is there. If your tag isn't there, it wasn't sent by your organization, and you can drop the message.

Author Comment

ID: 22932942
Hmmm... yes, backscatter might work if I can make it work with 2003 - let me check.  Thanks.

Author Closing Comment

ID: 31515624
Thanks - its stopped on its own, but these are great answers to try when (no if) it happens again - thanks!

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question