Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 179
  • Last Modified:

Strange Emails

I have a user with Exchange and he is getting bounced back emails (Not real bounced backs but look like it) and in the from it has our domain name and then the IP address which is not our IP. He is getting this type of emails often.  Any ideas as to how and why this is happening?
0
bsmalleyscso
Asked:
bsmalleyscso
1 Solution
 
tigermattCommented:
This is typical NDR spam - and there is unfortunately not much you can do about it. It works because a spammer sends lots of emails - claiming to be from your user(s) and to fake email addresses - to various mail servers over the Internet. These servers, who do not know who the fake recipients are, then create hundreds of NDR messages, bouncing them back to your user's mailbox because that is "apparently" the place where the mail came from.

Just about the only way which you should be able to stop this spam is using SPF records to control what servers can send for your email domain. SPF will have some effect, but there will be plenty of smaller mail servers out there which spammers can use to "bounce" the mail off because such servers are often not configured with SPF enabled.

To actually prevent the users getting the undeliverables, the best way I have found is to create an Outlook rule to delete messages with "Delivery Status Notification" in the subject (assuming that's the type of NDRs you're getting). The risk with this is that they will delete a legitimate NDR though. The servers being used by the spammers should really be configured not to send spam for domains and even recipients they don't know, but that obviously isn't going to happen. You could also just wait - because the spammers tend to hit hard, but then move on after a few hours / couple of days.

-Matt
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now