Exchange 2007 NDR (backscatter) spam
I am having problems fighting NDR (backscatter) spam on Exchange 2007 server.
I have been using Exchange Antispam modules for few years now. But last week client started to receive hundreds of NDR (apparently created by my Exchange 2007 server).
1. I have tested my SPF records. It all looks OK.
2. I ve tested that it is not a open relay.
3. I have disabled "Allow non delivery reports" on Hub Transport default remote domain.
4. Tried to restart services on Hub transport role server.
I have 3 questions (for now);
1. It looks like that spammers are forcing my Exchange server to create NDRs (because NDRS are in my language). So it looks like my Exchange server is creating NDRs but forced by spammers. Is this possible/probable?
2. Is there any efficient way to stop NDRs (and some other type of system messages) without purchasing 3rd party software (GFI, ORF...)?
3. I have disabled "Allow non delivery reports" on Hub Transport default remote domain but some of the experts /Sambee/ here on EE suggest that this could lead to blacklisting my Exchange on DNSBL and still wont solve my problem.
I have been using Exchange Antispam modules for few years now. But last week client started to receive hundreds of NDR (apparently created by my Exchange 2007 server).
1. I have tested my SPF records. It all looks OK.
2. I ve tested that it is not a open relay.
3. I have disabled "Allow non delivery reports" on Hub Transport default remote domain.
4. Tried to restart services on Hub transport role server.
I have 3 questions (for now);
1. It looks like that spammers are forcing my Exchange server to create NDRs (because NDRS are in my language). So it looks like my Exchange server is creating NDRs but forced by spammers. Is this possible/probable?
2. Is there any efficient way to stop NDRs (and some other type of system messages) without purchasing 3rd party software (GFI, ORF...)?
3. I have disabled "Allow non delivery reports" on Hub Transport default remote domain but some of the experts /Sambee/ here on EE suggest that this could lead to blacklisting my Exchange on DNSBL and still wont solve my problem.
ASKER
It has always been enabled. It doesn't stop backscatter spam.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Run the following in the Exchange Management Shell:
Get-RecipientFilterConfig
If it shows that Recipient Filtering is not set (false), enable it:
Set-RecipientFilterConfig -RecipientValidationEnable