Registered users    
MembershipMembership:
Latest New UserLatest:Gwen LaPointe
New TodayNew Today:9
New YesterdayNew Yesterday:10
User CountOverall:23335
Private messaging    
You must be logged in to use this module.
Top 10 posters    
NamePosts
Mariette Knap12898
Marina Roos12523
Eriq Neale2114
Michael Patrick1913
Stan Guinn1913
Robert Pearman1771
Nick Pieters1425
Stewart Brown617
william warren601
Kevin D.579
Welcome unauthorized visitor    
If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.
Small Business Server Support Forum    
Forums > Microsoft Small Business Server 2003 & 2000 > Exchange Server 2003
Subject: Getting alot of undeliverables to mail we did not send out
Prev Next
You are not authorized to post a reply.

Author Messages
Ian Wilson User is Offline
United Kingdom
Member since
2/9/2006

Registered Users
Posts: 178
8/04/2008 04:00 PM  
I am receiving 100's of undeliverable emails a day for emails that I know we have not sent out. 
I have carried out an Online Mail Server Test and got the following results;
 
RESULT: mail.norcott.co.uk
Banner: norcott.co.uk Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Mon, 4 Aug 2008 14:55:41 +0100 𖐅 ms]
Connect Time: 0.125 seconds - Good
Transaction Time: 5.812 seconds - Warning
Relay Check: OK - This server is not an open relay.
Rev DNS Check: OK - 82.69.208.190 resolves to 82-69-208-190.dsl.in-addr.zen.co.uk
GeoCode Info: Geocoding server is unavailable
Session Transcript:
HELO please-read-policy.mxtoolbox.com
250 norcott.co.uk Hello ⏌.20.227.131] 𖐅 ms]
MAIL FROM:
250 2.1.0 test@mxtoolbox.com....Sender OK 𖏵 ms]
RCPT TO:
550 5.7.1 Unable to relay for test@mxtoolbox.com 󟛔 ms]
QUIT
221 2.0.0 norcott.co.uk Service closing transmission channel 𖏵 ms]
As you can see it is reporting as not an open relay? I run a virus checker every night and that is showing up as clean.
Here is an example of an email I get
 
Subject : Undelivered Mail Returned.
Body :
This is the mail system at host c1mailgw20.amadis.com.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

The mail system

: host m2w-in1.ctmail.com𖑉.67.128.24] said:

550 5.1.1 is not a valid mailbox (in reply

to RCPT TO command)

Does anyone have any idea as to what could be causing my problems? 
Michael Patrick User is Offline
United States
Member since
10/26/2005

Platinum Membership
Posts: 1913
8/04/2008 04:38 PM  
Actually....you did send them.... in the form of Non-Delivery Reports...
 
Check the Default Properties in Internet Message Formats under Exchange System Manager.....
 
You have the ability to turn off non-delivery reports...
Michael Patrick

"Technology Interpreter Extraordinaire"
CAD, BIM & SBS
Steve Moss User is Offline
Telford, U.K.
Member since
8/30/2006

Registered Users
Posts: 112
8/04/2008 05:06 PM  
Without seeing the whole of an example NDR ('bounce') email you are receiving it is not easy to be sure of the reason. If it is a result of other mail servers (MTAs) rejecting your NDRs then Michael's response is correct. I would suggest it is more likely you are experiencing backscatter. This is where a spammer is forging your domain as the source of his/her spam (i.e., the spam has xxx@norcott.co.uk as the sender). The receiving servers then accept the (spam) via SMTP session, only to reject it subsequently by issuing a bounce email. The bounce goes back to the apparent sender, which is you.

Now, the receiving MTAs should really be performing recipient filtering during the SMTP conversations, and reject the (spam) emails at the SMTP level. This does not generate an NDR - instead the sending MTA (i.e., the mail server being used by the spammer) will then generate an NDR to its local sender, i.e., the spammer him/herself.

There's not a lot you can do to reduce the backscatter, I'm afraid. You can, and should, however, set up a public SPF record for your mail domain. Ask your ISP to do this for you. An SPF record lists the mail servers that can genuinely send out mail from your domain (i.e., it specifies your own outgoing mail server and/or those of your ISP, depending on how you have things set up). Then, other MTAs which implement SPF checking will reject spam that spoofs your domain and not generate an NDRs, thus reducing the backscatter.

Another thing to ensure is that you have recipient filtering turned on in Exchange. That will cause backscatter addressed to non-existent users at your domain to be dropped by Exchange, reducing the amount of backscatter that reaches your mailboxes.
You are not authorized to post a reply.
Forums > Microsoft Small Business Server 2003 & 2000 > Exchange Server 2003 > Getting alot of undeliverables to mail we did not send out


ActiveForums 3.7
Forum policy    
These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:
  1. No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
  2. No Flaming or Trolling.
  3. No Profanity, Racism, or Prejudice.
  4. Site Moderators have the final word on approving/removing a thread or post or comment.
Copyright 2002-2008 Concentrix b.v.    :   Page generated in 0.2970403 seconds.   :   Terms Of Use   :   Privacy Statement