Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

exchange 2013 - bounce back messages not working

Posted on 2014-11-22
3
657 Views
Last Modified: 2014-11-23
Hi guys,
I have exchange 2013 - infront of this i have websence hosted email security - when an external user sends an email to an incorrect user in our domain or to a random address the sender is not getting no bounce back - have checked websence and the logs show our exchange has accepted the email.  However internally the bounce backs works fine....
0
Comment
Question by:jag b
  • 2
3 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40459316
You need to enable recipient filtering on the Exchange server.
These are part of the antispam agents which are not installed by default.
Install the agents from EMS thus:
& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1
http://technet.microsoft.com/en-us/library/bb201691(v=exchg.150).aspx

Then enable the agents:

Set-RecipientFilterConfig -RecipientValidationEnabled $true
http://technet.microsoft.com/en-us/library/aa998613(v=exchg.150).aspx

HOWEVER, you shouldn't be using Exchange for recipient filtering. That is too late. The recipient filtering should be happening at the point of delivery - your Websense Email Security platform should be doing it. I would check whether it can.
Furthermore, it may well be that the Websense platform is rejecting the NDRs, because they are a form of backscatter which can get you blacklisted. Again this is resolved by doing the filtering at the point of delivery.

If you already have the recipient filtering enabled, then the problem is with the Websense platform rejecting or not allowing the messages through, and you need to review the configuration as I have outlined.

Simon.
0
 

Author Comment

by:jag b
ID: 40459363
Hi simon,
thank you for your reply - further information as below:
On my send connector I am going through a smart host - when I change this to MX record associated then ndr's work fine.... issue with the smart host?  
Is it ok to use the MX record associated with recipient domain?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40459939
The fact that you are able to send the NDRs directly suggests that the smart host is rejecting them.
However it also means you do not have recipient filtering enabled and what you want to do is called backscatter, which will get you blacklisted.

As I wrote above, you should configure the Websense service to reject emails for non-existent senders. Not accept them and then allow Exchange to generate an NDR.

By accepting emails for any recipient and then attempting to NDR them, you are exposing your server to an NDR attack. This is where a spammer sends emails to your server to non-existent recipients on purpose, so your server bounces them to the sender. The sender is spoofed and is the actual target of the spam run. Therefore not only do you get blacklisted, but you end up with a lot of emails in your queues to bad email addresses.

Simon.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question