Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Phantom Email Returns

Posted on 2009-05-08
2
Medium Priority
?
333 Views
Last Modified: 2013-11-30
Occassionally I get non-deliverable notifications of emails that I did not send OR that are addressed to a bogus mailbox in my domain.  My SMTP is NOT an open relay.  Is this the result of a failed attempt to relay or is this something I should be concerned about?

THanks~
0
Comment
Question by:Bob Schneider
2 Comments
 
LVL 23

Assisted Solution

by:Stacy Spear
Stacy Spear earned 400 total points
ID: 24336623
Spammers at work, as long as the server reporting the NDR isn't yours, you are good.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1600 total points
ID: 24336680

It's called Backscatter, and generally caused by someone (a spammer) spoofing e-mail addresses (they send as your address / domain). The trouble is it's really really easy to do that, SMTP is really rather insecure.

You can help with this to an extent by implementing an SPF record for your domain. That allows you to state which servers are allowed to send mail as your domain name. It will only help to an extent though, not everyone checks the record, and if they don't they have no way of telling a message is spoofed.

There are wizards to help you make SPF records here:

http://www.openspf.org/

And here:

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

If you happen to be using Exchange 2007 it is also possible to construct Transport Rules which can tag outbound mail to prevent Backscatter. Then further rules can be configured to drop Inbound Non-Delivery Reports unless the tag is included (which it would be if the message header).

Chris
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question