Exchange server NDR attack, need help resolving
Posted on 2011-05-05
I am fighting an NDR attack from the domain hinet.net. Our environment is small, with one Exchange 2003 server. I adjusted the server yesterday to close an open relay, and to enable recipient filtering/tarpitting due to an NDR attack. I've also disabled NDR'ing for now. However, the queues are still filling with NDR's and spam e-mails that pre-date the configuration changes I've made? What can I do to get the server operational again, and clear the queues?