Solved

How to stop getting NDR's from Exchange - resulting in the IP getting RFC-IGNORANT

Posted on 2013-01-09
7
507 Views
Last Modified: 2013-01-10
Using Microsoft Excange 2003 SP2.
Have just got a load of NDR's - which resulted in getting the IP getting RFC-IGNORANT and having to move the mail server to a different IP address so that mails would be allowed to be sent to destination domain.
Origianlly to stop the large amounts of NDR's being produced by some suspicious and un-know source, within Global Settings on the Exchange Server I set the following :-

Under tab  for "Recipient Filtering".
 I checked the box for "filter recipients that are not in the directory".
SenderID Filtering Tab - set to "Delete (the message will be accepted and then deleted ;no NDR will be sent back to the sender)

We seemed to get to the point that outgoing mails sat in the QUEUE's and after some investigation it seems we were on an RFC-IGNORANT black list based on the IP address. We moved the IP address and the mail queued up were then sent.

Are the steps above enough to minimise this issue ? How do we get off this black list for the IP ?
0
Comment
Question by:ccfcfc
  • 4
  • 2
7 Comments
 
LVL 15

Accepted Solution

by:
jerseysam earned 500 total points
Comment Utility
Really need to find out why you are gettnig these NDR's. Open Relay? Spam?

Take a look at at my previous post:

http://www.experts-exchange.com/Microsoft/Server_Applications/Q_27929216.html

I would say you need to clean your exchange queues and then make sure that your network is 100% secure. Only then can you start to think about getting removed from blacklists.

Check your blacklist check at mxtoolbox.com or network-tools.com
0
 
LVL 15

Expert Comment

by:jerseysam
Comment Utility
PS to turn off NDR's:

Exchange System Manager,
Global Settings,
Internet Message Format.
Double click on your right.
Advanced tab.
Uncheck Allow non-delivery reports.
0
 

Author Comment

by:ccfcfc
Comment Utility
Jerseysam,
Thanks for the last post, that is already turned off. But thanks for that.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:ccfcfc
Comment Utility
Hi,
I have followed your previous post and understaken the Telnet test concerning the testing of a relay.
http://exchange.sembee.info/2003/smtp/spam-cleanup.asp
When I perform the test internally, not on an external network I can Telnet and perform all tests as required but obviously this is not the correct test.
But, If I Telnet to my Exchange server via an external network as the document requests, I do not get the  banner returned of 220 mail.server.domain Microsoft ESMTP MAIL Service, Version: 6.0.2790.0 Ready at
but just get  
220********************************************************************************************
When I issue the command ehlo testdomain.com  
it returns  500 5.3.3 Unrecognized command.
Weird as I know it is working as I can connect to the via TCP port 25 when on the same network.
Any ideas as to why ?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
You have a CISCO firewall / ASA device with SMTP Fixup / ESMTP Inspection Enabled - please disable it as this causes more problems than it fixes.

Your banner proves this:

220********************************************************************************************
0
 

Author Comment

by:ccfcfc
Comment Utility
Yep we have a PIX firewall I will look at turning that off.
Although I must admit I went checked the doucment and from that the server was configured correctly. Just wanted to test externally as well.
0
 

Author Comment

by:ccfcfc
Comment Utility
I have been looking at other SMTP settings.
Under properties , Access, Authentication   - select acceptable authentication for this resource
Anonymous Access -  ticked  (no username or password required)
    Resolve anonymous e-mail - NOT ticked
Basic authentication (password sent in clear text) - ticked
Integrated Windows Authentication - ticked

Should I turn the top 2 option off ?
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now