Solved

Exchange 2010 Causing NDR's

Posted on 2013-02-06
4
469 Views
Last Modified: 2013-02-07
some specific senders trying to send emails to our domain are receiving NDR's such as this smtp; 550-This message contains a phishing attempt 550     [Heuristics.Phishing.Email.SpoofedDomain].

We are running exchange 2010 and we assume the anti-spam filter on exchange is sending the NDR's. What would be the best way to check this and allow the users to send to our domain?
0
Comment
Question by:jdemoccc
  • 2
4 Comments
 
LVL 9

Expert Comment

by:EMJSR
ID: 38862488
Have a look in the following options. Sounds like your content filtering is kicking in (enabled by default).

1) Open the Exchange Management Console.
2) Click Edge Transport.
3) In the work pane, click the Anti-spam tab.
4) Click Content Filtering.
5) In the action pane, click enable or disable as required.

There are some more options other than on/off, for example, you could configure the Content Filter Agent to handle a message based on certain values. These actions include deleting the message, rejecting the message, and quarantining the message. It can also flag email to go to the junk mail folder on a client.

SCLs (Spam Confidence Levels) are rated from 1 to 9, so you may choose to set something like this:

1-5 Deliver as normal.
6 Route the email to the client’s junkmail folder.
7 Quarantine-the email is routed to the quarantine folder.
8 Reject the email is rejected and the sender receives a 550 response (your case).
9 Delete the email without NDR.

I hope that helps you further.
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38862592
I would say let it be as sometime people do use some devices\sites to generate emails as their domain and only way to all these emails is to whitelist these IP's on your firewall and believe me its too risky

- Rancy
0
 
LVL 9

Accepted Solution

by:
EMJSR earned 500 total points
ID: 38862608
Well, that's certainly true, but it sounds like they're talking about legitimate emails that are being filtered. We are regularly adding sender addresses to white lists, providing we have confirmed that the domain those emails come from are indeed a legitimat source. You can whitelist a specific sender without allowing the entire domain. Of course spoofing is possible, but that is why SPF records etc. exist.
0
 

Author Comment

by:jdemoccc
ID: 38864376
yes they are legitimate. We have white listed the specific sender.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now