Exchange 2007 NDR (backscatter) spam

I am having problems fighting NDR (backscatter) spam on Exchange 2007 server.
I have been using Exchange Antispam modules for few years now. But last week client started to receive hundreds of NDR (apparently created by my Exchange 2007 server).

1. I have tested my SPF records. It all looks OK.
2. I ve tested that it is not a open relay.
3. I have disabled "Allow non delivery reports" on Hub Transport default remote domain.
4. Tried to restart services on Hub transport role server.

I have 3 questions (for now);
1. It looks like that spammers are forcing my Exchange server to create NDRs (because NDRS are in my language). So it looks like my Exchange server is creating NDRs but forced by spammers.  Is this possible/probable?

2. Is there any efficient way to stop NDRs (and some other type of system messages) without purchasing 3rd party software (GFI, ORF...)?

3.  I have disabled "Allow non delivery reports" on Hub Transport default remote domain but some of the experts /Sambee/ here on EE suggest that this could lead to blacklisting my Exchange on DNSBL and still wont solve my problem.
ivugrinecAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
If you don't want to use 3rd party tools, have you checked that you have Recipient Filtering enabled?

Run the following in the Exchange Management Shell:

Get-RecipientFilterConfig

If it shows that Recipient Filtering is not set (false), enable it:

Set-RecipientFilterConfig -RecipientValidationEnabled:$true
0
ivugrinecAuthor Commented:
It has always been enabled. It doesn't stop backscatter spam.
0
Alan HardistyCo-OwnerCommented:
Okay - then I'd be going the 3rd party route personally because I know it works.

I have never used the Exchange tools for longer than it took me to realise how bad they were, so I can't help you if you want to stick with them unfortunately.

Sorry.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.