• Status: Solved
  • Priority: Medium
  • Security: Public

NDR in the queue with 451 4.4.0

I have Exchange 2010 with lots of messages stuck in the queue with the message:

451 4.4.0 Primary target IP address responded with: “421 4.2.1 Unable to connect.” Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

All of those messages look to me like NDRs for spam emails - here is an example:

Identity: OURMAIL\188851\640670
Subject: Undeliverable: Your Whos Who Entry
Internet Message ID: <dc6dc472-3dba-4fcd-8858-f5a5530f3b65@ourdomain.ca>
From Address: <>
Status: Ready
Size (KB): 7
Message Source Name: DSN
Source IP:
SCL: -1
Date Received: 8/16/2012 12:01:58 PM
Expiration Time: 8/18/2012 12:01:58 PM
Last Error:
Queue ID: OURMAIL\188851
Recipients:  StephanieWalker613@easysaver4u.in

Should I be concerned about those, or just ignore them? Other email seems to be delivered fine.
Is there a way to disable NDR on the Exchange 2010 and is it a problem if I disable it?
1 Solution
Manpreet Singh Khatra (Solutions Architect, Project Lead) commented:
I guess they can be ignored .... but why are they on your server is something that should surely be checked.

- Rancy
Jarred Power (Network Administrator) commented:
Looks like spam bots trying to hit your domain and getting NDRs bouncing back to nonexistent/spoofed domains. That would be my guess; it wouldn't hurt to sign up for a 3rd party spam filter service. It only becomes a problem when users complain about the amount of spam.
You should disable NDRs to the internet. This will prevent your server from overloading and will protect your users, as flooding your server with all possible email addresses is one of the methods used by spammers to get valid email addresses from your system.
pyotrek (Author) commented:
This is exactly what I did while awaiting an answer :)
Manpreet Singh Khatra (Solutions Architect, Project Lead) commented:
You should do this ... reason is what if genuine users send email and due to some reason it wasn't delivered to your recipient it wouldn't send NDR .... is that good ??

Rancy is correct, it will also not send NDRs when it should, and they are also required; check section 3.7 (Relaying) of the RFC: http://www.ietf.org/rfc/rfc2821.txt
Generally, Edge servers or spam filters take care of this automatically by sending an unknown user response for an invalid recipient in the RCPT TO command and dropping the connection, but if you don't have spam filters or edge servers configured, you should enable recipient filtering on the server accepting emails from remote domains. Once the filters are configured you can enable the NDRs. More on recipient filters can be found here.
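
The checks and settings discussed in this thread, collected as an added Exchange Management Shell example (not part of any post above). It assumes it is run on the Exchange 2010 Hub Transport server that accepts internet mail and that the remote domain in question is the built-in one named Default.

```powershell
# Added example: run in the Exchange Management Shell on the Hub Transport server.

# 1. Confirm the stuck items are backscatter: server-generated DSNs with a null sender.
$dsn = Get-Message -ResultSize Unlimited |
    Where-Object { $_.FromAddress -eq '<>' -and $_.MessageSourceName -eq 'DSN' }

# What the bounces are about (spam subjects tend to repeat).
$dsn | Group-Object Subject | Sort-Object Count -Descending |
    Select-Object -First 20 Count, Name

# Which next-hop domains are failing with the 451 4.4.0 error from the question.
Get-Queue | Where-Object { $_.LastError -like '451 4.4.0*' } |
    Sort-Object MessageCount -Descending |
    Format-Table Identity, NextHopDomain, MessageCount, LastError -AutoSize

# Preview removal of the queued DSNs without generating further NDRs.
# Drop -WhatIf only after reviewing the list above.
$dsn | Remove-Message -WithNDR $false -WhatIf

# 2. Recipient filtering needs the anti-spam agents, which are not installed
#    on a Hub Transport server by default.
$agent = Get-TransportAgent |
    Where-Object { "$($_.Identity)" -eq 'Recipient Filter Agent' }
if (-not $agent) {
    & "$env:ExchangeInstallPath\Scripts\Install-AntispamAgents.ps1"
    Restart-Service MSExchangeTransport
}

# Reject unknown recipients at RCPT TO, so the message is never accepted
# and no NDR has to be generated for it later.
Set-RecipientFilterConfig -Enabled $true -RecipientValidationEnabled $true
Get-RecipientFilterConfig | Format-List Enabled, RecipientValidationEnabled

# 3. NDRs to the internet are controlled per remote domain.
Get-RemoteDomain | Format-Table Identity, DomainName, NDREnabled -AutoSize

# With recipient filtering in place, NDRs can be turned back on so genuine
# senders are told about delivery failures.
Set-RemoteDomain -Identity Default -NDREnabled $true
```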
