retokasser
asked on
Prevent Backscattering for Internal Relay Domains.
Hello
I'm having issues with backscattering and getting listed on several spam databases.
I'm running Exchange 2010 Sp2 with Anti-spam --> Recipient validation enabled.
There are several accepted-domains which are configured as internal relay and also there is a send-connector for those domains routing them to a external smarthost if the recipient is not in my organisation.
Unfortunately this opens the opportunity for backscattering.
What are the possibilities to prevent backscattering? If I turn on recipient validation on the external smarthosts as well would exchange still generate a NDR? Are there supported tools which perform external recipient checks?
Or is it possible to turn off NDRs only for internal relay domains?
Thanks for your help
I'm having issues with backscattering and getting listed on several spam databases.
I'm running Exchange 2010 Sp2 with Anti-spam --> Recipient validation enabled.
There are several accepted-domains which are configured as internal relay and also there is a send-connector for those domains routing them to a external smarthost if the recipient is not in my organisation.
Unfortunately this opens the opportunity for backscattering.
What are the possibilities to prevent backscattering? If I turn on recipient validation on the external smarthosts as well would exchange still generate a NDR? Are there supported tools which perform external recipient checks?
Or is it possible to turn off NDRs only for internal relay domains?
Thanks for your help
ASKER
Yes my Exchange server is the first point of arrival. The Mails are being relayed to the smart horts. So would it help if the smart hosts had recipient validation?
If your server is the 1st point for email arrival, you only need to validate recipients your end, but for the relay domains, you will be accepting the emails and then passing them straight on, so you can't validate those emails.
Why are you receiving the emails for the other domains of all you are doing is passing them on elsewhere? Surely it would make more sense to have the emails delivered directly to the remote servers (smarthosts)?
Why are you receiving the emails for the other domains of all you are doing is passing them on elsewhere? Surely it would make more sense to have the emails delivered directly to the remote servers (smarthosts)?
ASKER
We are not passing all of them to elsewhere since we have some mailboxes on the exchange server for these domains. These domains also have mailboxes which are not on our exchange server, but on a external server with other setups.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
If you have mail arriving at SmartHosts first - then they have to have Recipient Filtering enabled because if not, they accept the emails destined for invalid addresses and then pass it on to you and this forces you to check the addresses and send NDR's if the recipient is invalid.
If the SmartHosts reject invalid recipients, they only pass valid emails on to you and then you don't have to send NDR's back to spammers / spoofed addresses and thus you won't hit Backscatterer.org or any other backscatter sites.
Alan