Solved

Exchange 2003 Delivery Status Notification Compliance

Posted on 2010-08-18
21
596 Views
Last Modified: 2012-05-10
I have the exact same question as the related question. But, the solution there won't work for me as I don't have a thrid party spam/virus filter.

Here is the related question, which I am copying verbatim:

We are wanting to receive emails from a service that is requiring that we are Deliivery Status Notification compliant, which according to them is:

-----------------------------------------
Confirmation via Delivery Service Notification (DSN)
The first thing you should do is determine whether your email account is Delivery Status Notification (DSN) compliant. If you use an email provider that is DSN compliant it will automatically return an electronic email confirmation to the BNC that the email sent by the BNC was delivered to your mailbox.
-----------------------------------------

As we have our own Exchange 2003 server, I've looked and am not sure what needs to be changed to allow this?

I have confirmed that in the Exchange System Manager, under Global Settings, Internet Message Formats, Default, Advanced, all boxes are checked except for Allow automatic forward. The checked boxes are Allow out of office responses, Allow automatic replies, Allow delivery reports, Allow non-delivery reports, Preserve sender's display nameo n message.

Thanks
0
Comment
Question by:carlosab
21 Comments
 
LVL 6

Expert Comment

by:PartnerTek
ID: 33471802
Allow Delivery Reports and Allow Non-Delivery Reports need to be check in order to be compliant.
0
 
LVL 24

Expert Comment

by:B H
ID: 33471850
you can test this by sending an email into your server from any unrelated external email account and requesting a delivery confirmation.  then, send an email from the same external account to some invaliduser@yourdomain.com.

if you get a delivery report, and a non-delivery report, you fit their requirements
0
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 33471888
0
 

Author Comment

by:carlosab
ID: 33496384
PartnerTek - they were checked.

Bryon - The organization has a website from which I can send a test email address. I've tested it and do not meet the requirements.

Shreedhar - I did see the answered question before posting and actually included a link to it in the "related solutions" section of my post. However, since I am not using a 3rd party spam/virus filter, the solution there doesn't help.
0
 
LVL 24

Expert Comment

by:B H
ID: 33497067
lets rule out the organization from which you sent the test...

just as you can choose not to send NDRs, they can choose not to receive them.

if you can test from a sending server that for sure will accept NDRs we can be more sure - try sending as suggested from yahoo/hotmail something unrelated

0
 

Author Comment

by:carlosab
ID: 33497978
Good point. I just tested from a Yahoo account and did not receive a NDR.

I sent two separate emails to two separate addresses. The 1st address was valid and the email was obviously received without issue. The second address was invalid. The email was not received, and, my Yahoo account did not receive a NDR.
0
 

Author Comment

by:carlosab
ID: 33497986
Something else - I don't think this should matter, but, if I knew that for sure I wouldn't be asking for help at all, would I. :)

I use an application called Mailbasket MD to forward all misdirected emails that are sent to the domain to a catchall email account. To test for NDRs, I disabled the application.
0
 
LVL 24

Expert Comment

by:B H
ID: 33499631
and are you sure in yahoo you requested a delivery receipt for the legit email?

the Mailbasket application would for sure get in the way of your NDR's.  the NDR is generated by the receiving MTA - if it's not accepted for delivery, an NDR is generated.  if the mailbasket accepts the email, no NDR would be made

now - since no NDR was made after disabling mailbasket, and no delivery confirmation was sent back either, we need to start looking at what might be proxying your inbound mail.

are you ok giving some of the public info about your setup, for more specific troubleshooting?  you can use "request attention" at the top right when we're done and ask a moderator to mask out your info later on.

what's the domain name we're talking about here, that should be sending receipts but isnt?
0
 

Author Comment

by:carlosab
ID: 33499706
I did not request a delivery receipt in yahoo for the legit email as I could not figure out how to do it. I also could not figure it out for my gmail account. I was simply trying to generate an NDR and thought that the fact that I did not receive an NDR would be sufficient

I don't have a problem with giving public info - depending on what it is. The domain is ** EDITED ** .
0
 
LVL 24

Accepted Solution

by:
B H earned 500 total points
ID: 33500771
thru off-thread testing we have determined that with mailgate enabled, READ receipts do get sent back to the sender but delivery receipts do not.

with mailgate disabled, READ and DELIVERY receipts both do get sent.

now, it is clear that mailgate does not allow for delivery receipts in its current configuration, so we'll need to look at mailgate and see if we can enable it.

i'll start looking for steps how to do this, unless you already know?
0
Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

 
LVL 24

Expert Comment

by:B H
ID: 33500870
from their guide, by design the server wouldn't send an NDR for invalid addresses - as they're intercepted by mailbasket.

read-receipts do work with mailbasket on or off

delivery-receipts work with mailbasket OFF and not on.

it doesn't look like there are many settings at all in this mailbasket program, it might be worthwhile to email support@turbogeeks.com and ask them what their position on delivery confirmation to valid addresses is.

if you do, also mention to them that their server may have been hacked: http://turbogeeks.com/downloads/lists/body.txt
0
 

Author Comment

by:carlosab
ID: 33639636
I emailed (and left phone messages) at turbogeeks support and have not received any response for two weeks. This is surprising since they have been very responsive in the past. I also provided them with the link to the page on their site which may indicate that it was hacked. The link still works, so, I don't know if they are getting the emails. At any rate, it doesn't look like I'll get anywhere with them.

I tried a work-around by having the emails sent to a Gmail account, and also to a Yahoo account. My thought was that I would then auto-forward the email to my standard account. But, neither of those accounts generated an NDR so that didn't work.

0
 
LVL 24

Expert Comment

by:B H
ID: 33640317
with forwarding, the first account is the only one that would generate an NDR to the original sender, the others would just NDR to the redirected account

sender > your server > forward to gmail

if it's not on gmail, the ndr goes to your server
if it's not on your server, the ndr goes to the sender

it's a shame about turbogeeks, seems like a real useful product
0
 

Author Comment

by:carlosab
ID: 33640668
I thought that gmail or yahoo would generate an NDR to the sender, so I set it up like this:

sender > gmail > forward to my server.

That way, gmail would generate the NDR and then forward it to my system. Is there a way I could configure gmail (or one of the other major free web mail providers) to generate NDRs?

0
 
LVL 24

Expert Comment

by:B H
ID: 33642767
well, any public mail server will only generate an NDR for accounts that don't exist.... of course if they don't exist, they can't get forwarded to your server.  if they are told to forward to your server, they exist and no NDR would be made
0
 

Author Comment

by:carlosab
ID: 33642788
Sorry. I used the wrong acronym. I meant to ask if there is a way I could configure gmail (or one of the other major free web mail providers) to generate DSNs?

0
 
LVL 24

Expert Comment

by:B H
ID: 33643293
unfortunately almost all public mail servers won't support DSNs either - it has to do with preventing directory harvest attacks from spammers...  at least i can't find any that support dsn's

trying to figure out a way forward for you - the best answer may lie with your 3rd party software you already have - if you can just get the to answer you.  their software is absolutely causing your problem, so we need to get a fix from them or not use their software and go a whole different route.
0
 

Author Comment

by:carlosab
ID: 33643338
I've been "persistent" to put it mildly. I don't think they will respond.

I've become relatively reliant on the software because I very often give out random email addresses customized for a particular party. (If I goto Amazon, I use amazon@xxxxx.com; if I go to ebay, I use ebay@xxxxx.com.)  This system helps me identify parties that sell my email address. But, since I don't keep track of the addresses that I have given out, I'm now stuck. I can't stop using the software because I'll never remember all of the addresses out there, and some of the more important ones will be forgotten and email from those parties will be rejected.

0
 
LVL 24

Expert Comment

by:B H
ID: 33643422
i think what you need is something like spamgourmet.com

basically, you can give out "fake" email addresses @spamgourmet.com (or any number of alias domains) and they'll be secretly routed to your real address.

there are too many options that you can take advantage of, but effectively they are catch-all's, created per-site you gave it to, AND you can automatically say "only allow up to 5 emails for this one alias"

so if i provide to a site, me.5.someword@spamgourmet.com, then i know when i receive email in my legit box, sent to that alias, i know who sent it.... and i know they can only send 4 more (any more are discarded)

you can log into your acct on spamgourmet, and list all your given aliases.  the best part is, you NEVER have to log into SG if you dont want to - the aliases are created totally on the fly, all you have to do is tell some website the made up alias.

there's a really good faq here:
http://www.spamgourmet.com/index.pl?printpage=faq.html

they have a project on sourceforge, they're all open source and totally free - with some work you could integrate it into your exchange server... or just use their service as it's free and fast anyway.

i think in the end, this is your intent... however, i don't have any idea what to do with your previously given aliases - leave the old software in place?
0
 

Author Comment

by:carlosab
ID: 33730802
thanks for the tip on spamgourmet. It looks like a great service.

But, as you pointed out, the previously given aliases are the problem. Because of them I do need to leave the old software in place. And, if it is in place, then I still have the problem with generating DSNs.
0
 

Author Closing Comment

by:carlosab
ID: 33890440
Identified the cause of the problem.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Junk folder 23 111
shadow copies 7 19
Exchange 2007  Queue Database corrupted .que file 1 26
exchange, mailbox 4 20
Utilizing an array to gracefully append to a list of EmailAddresses
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now