• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2086
  • Last Modified:

Exchange 2013. Forward unknown recipients to another smtp server

We have email users on two sites (same email domain) and are migrating to Exchange from Altn MDaemon. Currently the main site MDaemon receives external mail and forwards to the remote MDaemon (it knows who is a user at the remote site) or main site Exchange for anyone else. All main site users are now using Exchange so I wish to turn off the main site MDaemon, as it is not required, and have main site Excahgne receive external mail.

How do I configure Exchange to forward unknown users to the remote site MDaemon?

Is it possible to configure a list of accepted users to forward (the are only twelve users in the remote office) and treat the remainder as SPAM?

This will only be a temporary arrangement until the remote office is moved to Exchange.

Thanks.
0
jostick
Asked:
jostick
  • 3
  • 2
  • 2
2 Solutions
 
MarkMichaelCommented:
You just need to change your Accepted domain to an Internal Relay instead of Authorartive.

Then setup another send connector to send to the server as a smarthost for your domain.

This works in terms of... if a user is not located in the Exchange organization, only then will it forward it on.
0
 
jostickAuthor Commented:
In case of completely unknown users, how does a non delivery report work in this situation? It can't come from the main site Exchange, so does the remote site server send it direct to the original sender?
0
 
MarkMichaelCommented:
This is one of the flaws, there are no NDRs generated using this method.

This has been acceptable for the clients I've dealt with for this temporary fix.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
jostickAuthor Commented:
For the future though, would NDRs work if we had two Exchange servers?
0
 
Jamie McKillopCommented:
Hello,

I have to disagree. There would be NDRs generated. If the MDaemon server doesn't do recipient checking, it would accept all messages from the Exchange server then send an NDR back to the original sender. If the MDaemon server does recipient checking, the NDR would be generated by the Exchange server and sent back to the original sender.

Now, that said, it is likely that the original sender's mail gateway will block the NDR, thinking it is backscatter SPAM. Ideally, NDRs should be generated by the sending server itself after the receiving server does a recipient check and rejects the email because the recipient doesn't exist.

JJ
0
 
MarkMichaelCommented:
jjmck,

I've not come across that particular scenario. I've forwarded on emails to unresolved recipients and have never seen an NDR being delivered. I do stick to setting up the my Messaging platforms up the same was as often as possible.

Are you saying the server we forward on to, generates the NDR to the sender?

To be fair, when I normally relay to a recipient server, it is out of my control.. they may have always had NDRs disabled perhaps?
0
 
Jamie McKillopCommented:
Unless the server has NDRs disabled, it will always generate one. Again, the server that generates the NDR depends on whether or not recipient filtering is enabled. To simplify things, let's just look at two servers (sender and receiver) and forget about the forwarding. If the sending server had recipient filtering enabled, when the sending server issues the "rcpt to" command and enters an invalid address, the recipient server will respond with a 5.1.x code and close the connection. The sending server will then generate an NDR from this code and send that NDR to the sender.

If the receiving server doesn't have recipient filtering enabled, it will accept any address for one of its domains and will complete the message transfer. When the recipient server then runs the message through its resolver, it will find the address doesn't exist and will generate a 5.1.x NDR back to the sender.

A common spamming tactic is to find a server that isn't doing recipient filtering and send spam messages to invalid addresses but with valid return address, which are the intended target of the spam. The server will then accept the message and then generate an NDR, with spam message, back to the intended target. For this reason a lot of email gateways are configured to just drop NDRs, which is possibly why you haven't seen NDRs generated in your experience.

-JJ
-JJ
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now