Help with accepted domains and emails to nonexistent accounts

We have 6 authoritative domains and 8 internal relay domains in a hybrid exchange environment (one 2013 server on prem and office 365 hosted email server). Out default domain is internal relay (fyi). The issue is that we are seeing emails coming in to non-existent email addresses being bounced back between our server and a barracuda spam appliance. This is filling up the queue. While it is causing a negligible delay, I have been tasked with figuring out what if any impact we would see by changing our internal relay domains to authoritative and if it would prevent the bouncing of emails between the server and the barracuda. We are looking to just dropping emails coming in to nonexistent email accounts.

Thanks for any assistance as I have not had to previously deal with this. Other methods of stopping the emails from bouncing between the server and barracuda and just being dropped are welcomed.
LVL 7
king daddyAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

timgreen7077Exchange EngineerCommented:
If the emails are coming into through the barracuda, check if the barracuda has recipient filtering capability, and if it does, you can setup recipient filtering that will allow the barracuda to drop the emails if the email doesn't exist in your org.

You could also turn off NDRs so that it will stop delivering them, see link for disabling NDRs:

https://www.authsmtp.com/exchange-2013/exchange2013-disable-non-delivery-report-ndr-dsn.html

Recipient filtering is the better option in my opinion, if your device supports it.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Seems like a misconfiguration.

Bounces, should be returned to the originating sender + also should have loop prevention.

Like some random header X-Already-Seen: yourdomain.tld so if this header is seen email is dropped. This prevents looping of bogus addresses being bounced back with no actual address for bounce delivery.

Also, if you're actually testing SPF + DKIM records at your incoming (what I think you're calling authoritative servers) then these messages will immediately have an X-Already-Seen header + bounce back, then if the bounce... bounces... it should be dropped.
king daddyAuthor Commented:
Thank you both, timgreen7077 and David, for the quick replies.

I would like to verify whether we are experiencing NDRs bouncing between the barracuda and the server or the actual email sent to a nonexistent email address being "bounced" between them. I suspect the latter. My language may have been misleading regarding what we are experiencing. If indeed the latter, I will check the barracuda's recipient filtering capabilities as suggested.
Hani M .S. Al-habshiContributor as IT ExpertCommented:
1-check barracuda's SSL Certifications
2-Add SPF records to all of your sender domains
3- check Send / receive connector authentication s
4-check domains & public IP's if got blacklist
king daddyAuthor Commented:
Just wanted to update this. Someone else is working on it now as there are other, more pressing issues.
I did find out that recipient filtering on the barracuda messes with some sort of SMS messages that go through the barracuda for another domain we process.
Thanks for the info.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.