Exchange 2003 Email problem..

Posted on 2009-04-24
Last Modified: 2012-05-06
Hello Gurus,
I have a win2k3 box with exchange 2003 server.
I keep receiving (lately) tons of emails "Delivery status notification(Failure)
This is an automatically generated delivery status notificaion.
delivery to the following recipient failed .
and it gives each time a fake email address.@mydomain.

How do I get rid of all these ?
PS. I am receiving like 100 every day !!!
Question by:ammounpierre
    LVL 10

    Expert Comment

    Hi there,

    These are more than likely spam messages that are coming in making it look as though legitimate emails were sent from your domain.
    What I would do is to get some sort of email filtering software that will separate the real email from the junk.

    Hope this helps
    LVL 58

    Accepted Solution

    This is more than likely typical NDR spam - and there is unfortunately not much you can do about it. It works because a spammer sends lots of emails - claiming to be from your user(s) and to fake email addresses - to various mail servers over the Internet. These servers, who do not know who the fake recipients are, then create hundreds of NDR messages, bouncing them back to your user's mailbox because that is "apparently" the place where the mail came from. It's a problem with the SMTP protocol, and something which will always exist unless SMTP is overhauled.

    Just about the only way which you should be able to properly stop this spam is using SPF records to control what servers can send for your email domain. SPF will have some effect, but there will be plenty of smaller mail servers out there which spammers can use to "bounce" the mail off because such servers are often not configured to check SPF records.

    To actually prevent the users getting the undeliverables, the best way I have found is to create an Outlook rule to delete messages with "Delivery Status Notification" in the subject (assuming that's the type of NDRs you're getting). The risk with this is that they will delete a legitimate NDR though. The servers being used by the spammers should really be configured not to send spam for domains and even recipients they don't know, but that obviously isn't going to happen. You could also just wait - because the spammers tend to hit hard, but then move on after a few hours / couple of days.


    Author Comment

    Its been like 2weeks like that and it isnt stopping....
    the administration is really becoming angry about that.
    see, I have the CEO that receives a copy of all emails sent/received from our he keeps receiving those spam emails
    (like a hundred per day) and he is very irritated.
    Is there a way to delete those emails automatically as soon as they receive ? without being sent to the archiving email ?
    LVL 58

    Expert Comment


    You would need to configure a rule which deletes any NDR messages based on their subject. Be aware that this may prevent legitimate NDRs coming through, and that it is difficult to implement server-side in Exchange 2003.

    Have you configured SPF records yet for your domain?


    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Get an idea of what you should include in an email disclaimer with these Top 5 email disclaimer tips.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now