Solved

Exchange 2013. Forward unknown recipients to another smtp server

Posted on 2013-12-06
7
1,899 Views
Last Modified: 2013-12-11
We have email users on two sites (same email domain) and are migrating to Exchange from Altn MDaemon. Currently the main site MDaemon receives external mail and forwards to the remote MDaemon (it knows who is a user at the remote site) or main site Exchange for anyone else. All main site users are now using Exchange so I wish to turn off the main site MDaemon, as it is not required, and have main site Excahgne receive external mail.

How do I configure Exchange to forward unknown users to the remote site MDaemon?

Is it possible to configure a list of accepted users to forward (the are only twelve users in the remote office) and treat the remainder as SPAM?

This will only be a temporary arrangement until the remote office is moved to Exchange.

Thanks.
0
Comment
Question by:jostick
  • 3
  • 2
  • 2
7 Comments
 
LVL 15

Accepted Solution

by:
MarkMichael earned 250 total points
ID: 39700701
You just need to change your Accepted domain to an Internal Relay instead of Authorartive.

Then setup another send connector to send to the server as a smarthost for your domain.

This works in terms of... if a user is not located in the Exchange organization, only then will it forward it on.
0
 

Author Comment

by:jostick
ID: 39700713
In case of completely unknown users, how does a non delivery report work in this situation? It can't come from the main site Exchange, so does the remote site server send it direct to the original sender?
0
 
LVL 15

Expert Comment

by:MarkMichael
ID: 39700726
This is one of the flaws, there are no NDRs generated using this method.

This has been acceptable for the clients I've dealt with for this temporary fix.
0
The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

 

Author Comment

by:jostick
ID: 39700780
For the future though, would NDRs work if we had two Exchange servers?
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39701489
Hello,

I have to disagree. There would be NDRs generated. If the MDaemon server doesn't do recipient checking, it would accept all messages from the Exchange server then send an NDR back to the original sender. If the MDaemon server does recipient checking, the NDR would be generated by the Exchange server and sent back to the original sender.

Now, that said, it is likely that the original sender's mail gateway will block the NDR, thinking it is backscatter SPAM. Ideally, NDRs should be generated by the sending server itself after the receiving server does a recipient check and rejects the email because the recipient doesn't exist.

JJ
0
 
LVL 15

Expert Comment

by:MarkMichael
ID: 39701515
jjmck,

I've not come across that particular scenario. I've forwarded on emails to unresolved recipients and have never seen an NDR being delivered. I do stick to setting up the my Messaging platforms up the same was as often as possible.

Are you saying the server we forward on to, generates the NDR to the sender?

To be fair, when I normally relay to a recipient server, it is out of my control.. they may have always had NDRs disabled perhaps?
0
 
LVL 37

Assisted Solution

by:Jamie McKillop
Jamie McKillop earned 250 total points
ID: 39701553
Unless the server has NDRs disabled, it will always generate one. Again, the server that generates the NDR depends on whether or not recipient filtering is enabled. To simplify things, let's just look at two servers (sender and receiver) and forget about the forwarding. If the sending server had recipient filtering enabled, when the sending server issues the "rcpt to" command and enters an invalid address, the recipient server will respond with a 5.1.x code and close the connection. The sending server will then generate an NDR from this code and send that NDR to the sender.

If the receiving server doesn't have recipient filtering enabled, it will accept any address for one of its domains and will complete the message transfer. When the recipient server then runs the message through its resolver, it will find the address doesn't exist and will generate a 5.1.x NDR back to the sender.

A common spamming tactic is to find a server that isn't doing recipient filtering and send spam messages to invalid addresses but with valid return address, which are the intended target of the spam. The server will then accept the message and then generate an NDR, with spam message, back to the intended target. For this reason a lot of email gateways are configured to just drop NDRs, which is possibly why you haven't seen NDRs generated in your experience.

-JJ
-JJ
0

Featured Post

Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now