Solved

Exchange 2010 Backscatter problem

Posted on 2011-03-15
5
2,762 Views
Last Modified: 2013-03-28
We are having an issue in Exchange 2010 that i believe is being caused by Backscatter. Recently I have noticed a bunch of messages in the Exchange Queue Viewer that keep trying to resend but are unable to connect. All of these messages are Non Delivery Reports for undeliverable spam email that was sent to our server.

Yesterday afternoon i tried enabling Recipient Validation in exchange. Since turning this feature on we have gone from over 60 messages trying to resend over and over to only 8 after enabling. This seems to have helped the situation, however i am still seeing messages trying to resend.

I found a few articles related to this issue that also recommended completely disabling NDR's all together, or adding another layer of spam detection. Is there any other recommended course of action to resolve this problem? Aside from valid NDR's not being sent, is there any other down side to disabling NDR's? Is there a rule in Exchange we can setup to drop off the NDR's that fail to connect after the first or second try?

Here is alittle background on our current anti-spam setup. Our first layer of anti-spam detection is our Sonicwall firewall which has RBL entries for spamhaus,  dnsbl.sorbs, barracudacentral, & spamcop. For the second layer we are using Trend Micro Scan Mail for Exchange. This product doesn't seem to do a good job of cleaning any spam getting through the firewall. I am looking at alternatives as our subscription is up in a few months. Any recommendations on anti-spam products you are having success with are greatly appreciated.

For reference here is a sample of one of the messages currently trying to resend.

Identity: qualissrv01\57782\232009
Subject: Undeliverable: Loan offer at 3% Interest Rates!!
Internet Message ID: <b925383a-19d1-415d-a701-f6acd8184eae@Qualisauto.com>
From Address: <>
Status: Ready
Size (KB): 6
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 3/14/2011 8:20:10 PM
Expiration Time: 3/16/2011 8:20:10 PM
Last Error: 450 4.1.1 <ocean@lbasantarem.com.br>: Recipient address rejected: User unknown in local recipient table
Queue ID: qualissrv01\57782
Recipients:  ocean@lbasantarem.com.br

Thank you
0
Comment
Question by:qualis_auto
  • 3
5 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 35139363
Okay - do you receive mail directly to your server or does a 3rd party filter your mail and pass it on to you?

If via a 3rd party - THEY have to Recipient Filter.

If you receive it directly, you need to install the Anti-Spam options and enable Recipient Filtering.

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_4257-Exchange-2007-2010-Backscatter-and-how-to-resolve-it.html
0
 

Author Comment

by:qualis_auto
ID: 35141111
We receive our mail directly. I turned on the Anti-Spam options and enabled the Recipient Filtering and that seems to have done the trick. Thanks for the help Alanhardisty.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35141401
You are welcome.  Glad all is happy now.  Make sure you get delisted fron Backscatterer.org (usually happens automatically after about 4 weeks).

Thanks for the points.

Alan
0
 

Expert Comment

by:jambear
ID: 39028606
Thanks for this info. The same thing is happening at my office. I enabled the filtering and I'm still having this issue. is there something else that I can try? Any help would be appreciated. Not sure what else to try here. thanks in advance.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39029216
jambear - your best bet is to open up your own question (if you have not already) and then ping me a link and I'll see what I can do to help you.  Or drop me an email.

Alan
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now