Exchange 2007 NDR (backscatter) spam
I am having problems fighting NDR (backscatter) spam on Exchange 2007 server.
I have been using Exchange Antispam modules for few years now. But last week client started to receive hundreds of NDR (apparently created by my Exchange 2007 server). It is unlikely that is he sending spam.
1. I have tested my SPF records. It all looks OK.
2. I ve tested that it is not a open relay.
3. I have disabled "Allow non delivery reports" on Hub Transport default remote domain.
4. Tried to restart services on Hub transport role server.
NDR spam still arrives as like nothing has changed. Is there anything else i can do?
I have been using Exchange Antispam modules for few years now. But last week client started to receive hundreds of NDR (apparently created by my Exchange 2007 server). It is unlikely that is he sending spam.
1. I have tested my SPF records. It all looks OK.
2. I ve tested that it is not a open relay.
3. I have disabled "Allow non delivery reports" on Hub Transport default remote domain.
4. Tried to restart services on Hub transport role server.
NDR spam still arrives as like nothing has changed. Is there anything else i can do?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well ORF is preaty cheap. I will consider that as a solution.
I have never been a fan of the MS Anti-Spam and disable it on all servers I manage as it is too inflexible for my liking. ORF is a very good and very cheap product and you don't have to renew it if you don't want to - and if you don't renew it, it will continue to work happily. Should you then decide to upgrade to the latest version, you would have to buy it again.
$239 is a great price and I am sure you will like it and I can help you configure it if you have any questions.
Regarding the receipt of emails 'directly', if your MX record(s) point to your server's IP Address, then you receive email directly. You can check this on www.mxtoolbox.com
$239 is a great price and I am sure you will like it and I can help you configure it if you have any questions.
Regarding the receipt of emails 'directly', if your MX record(s) point to your server's IP Address, then you receive email directly. You can check this on www.mxtoolbox.com
ASKER
I receive my email directly.
Do you know if ORF is as good as GFI MailEssentials? Does ORF have a inteligent (bayesian, or statistical or some other mathematical, probability filter?
Do you know if ORF is as good as GFI MailEssentials? Does ORF have a inteligent (bayesian, or statistical or some other mathematical, probability filter?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Recipient Filtering is (and was) enabled all this time as is most of the Antispma modules (DNS blocklists, etc).
Is there a Microsoft solution? I have no budget for 3rd party solution.