RE: Flood of "System Administrator" Undeliverable SPAM, please help
|
Logged in as: Guest
|
|
Users viewing this topic:
none
|
|
Login  | |
|
RE: Flood of "System Administrator" Undeliver... - 2.Apr.2008 12:08:37 AM
|
|
|
bancza
Posts: 3
Joined: 1.Apr.2008
Status: offline
|
I'm not sure what your other settings are but I'm catching most of these with SPF set to HIGH.
Of course you will have some legit email end up in Junkmail but that's much less of a problem than having hundreds of junk showing up in the inbox. Users are advised to check the junkmail regulalry for any legit emails.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 2.Apr.2008 4:01:15 AM
|
|
|
LukeQuake
Posts: 20
Joined: 18.Mar.2008
Status: offline
|
quote:
ORIGINAL: bancza
I'm not sure what your other settings are but I'm catching most of these with SPF set to HIGH.
Of course you will have some legit email end up in Junkmail but that's much less of a problem than having hundreds of junk showing up in the inbox. Users are advised to check the junkmail regulalry for any legit emails.
We've done the following:-
1) Ensured that we are using the most recent version of ME.
2) Ensured that the registry key has been set to 'catch' these NDR mails.
3) Spoken to GFI and are awaiting a fix from the developers (which will be soon I hope!).
We can't change our SPF settings as everytime we've done this in the past ME has fallen over and spam has flooded in, so we have to leave it at low for the moment.
I would suggest that everyone with a valid support contract emails GFI about this problem to try and rush through a fix.
< Message edited by LukeQuake -- 2.Apr.2008 4:02:26 AM >
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 2.Apr.2008 9:01:39 AM
|
|
|
pmcneill
Posts: 130
Joined: 18.May2005
Status: offline
|
We seem to have a user a day reporting they got slammed with 300-400 of these overnight. Really counting on GFI for a solution to this.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 2.Apr.2008 9:54:12 AM
|
|
|
pcecom
Posts: 16
Joined: 14.Apr.2005
Status: offline
|
I experienced the same problem last week as this thread shows.
http://forums.gfi.com/getting_spammed_by_underliverables/m_900760780/tm.htm
Basically the same responses as this current thread. I stopped receiving NDR's until today I get up and check my phone and there are hundreds of NDR's.
Please, please, please, create a fix for this soon.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 2.Apr.2008 4:05:42 PM
|
|
|
cepolly
Posts: 8
Joined: 1.Oct.2007
Status: offline
|
Still getting flooded, albeit in the new senders, keyword, header and junk email folders.
why new sender is in the mix, i'm not sure.
also an added surprise is that now my delivery status/confirmation messages are being sent to my new senders folder too.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 2.Apr.2008 5:11:37 PM
|
|
|
tleavit
Posts: 7
Joined: 4.Jul.2005
Status: offline
|
Wanted to share that we are having the exact smae problem. 8ish users in the past week hammered with 500+ messages sometimes in an hour.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 3:47:47 AM
|
|
|
LukeQuake
Posts: 20
Joined: 18.Mar.2008
Status: offline
|
GFI - Is there any update on this yet? We need this fix asap!
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 5:25:15 AM
|
|
|
jmjacquet
Posts: 9
Joined: 10.Mar.2008
Status: offline
|
Same problem for us. +/- 5000 NDRs last night...
It is really a nightmare.
We had to create special Transport Rules on Exchange to stop all the inbound NDRs.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 6:56:20 AM
|
|
|
LukeQuake
Posts: 20
Joined: 18.Mar.2008
Status: offline
|
quote:
ORIGINAL: jmjacquet
Same problem for us. +/- 5000 NDRs last night...
It is really a nightmare.
We had to create special Transport Rules on Exchange to stop all the inbound NDRs.
I was going to do this but we will then be shutting out legitimate NDRs... However, I suppose this would be better than being hit by these...
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 9:41:42 AM
|
|
|
alexc
Posts: 50
Joined: 23.Jul.2003
Status: offline
|
Hi all,
Just wanted to let you know that we _are_ actively looking into this.
It is not an easy matter since cranking up filtering on DSNs and NDRs involves some different approaches to filtering normal emails, apart from increasing false positive risks on legitimate notification traffic.
I also wanted to clarify some things regarding the ase_scandsn registry option:
- It enables filtering of DSN/NDR traffic, but
- The emails which are embedded/attached within the DSN/NDR are still not scanned. This is probably one thing we will need to change -- we're looking at the options.
Regarding what wrabbit said about the 2 subjects in the email -- actually the second subject is the one of the embedded email, which, as I said, does not get scanned currently.
We're actively looking at the options -- will keep you posted.
_____________________________
Alex Cachia
Project Manager - GFI Software - www.gfi.com
Messaging, Content Security & Network Security Software
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 9:55:53 AM
|
|
|
andih98uk
Posts: 16
Joined: 31.Mar.2008
Status: offline
|
Thanks Alex, i've vastly reduced the number were getting from the help on this forum but there's still a few getting through. Good to know you're working on it.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 10:06:30 AM
|
|
|
M4Gg0T5
Posts: 6
Joined: 3.Apr.2008
Status: offline
|
I have this problem since yesterday and it's totally out of control. Users are freaking out hehehe.
I just want to know something, IF I enable BAYESIAN filter which I guess is a must, will the Keyword checking be used too ? In the engine order, Bayesian is before Keywords because it's more powerfull and before yesteray it was doing a very good job but I wonder if I should put Keyword checking first for this problem. I've hears somehwere that when Bayesian is activated, the Keyword checkling wasnt considered in the message filtering. I will had the few words like (failure, delivered, undelived) in the list and that may help since the next patch or fix about this. Can someone clarify this ?
Thanks
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 10:23:52 AM
|
|
|
LukeQuake
Posts: 20
Joined: 18.Mar.2008
Status: offline
|
Alexc,
Thanks for your message. Please try to keep us updated.
|
|
|
|
|
RE: Flood of "System Administrator" Undeliver... - 3.Apr.2008 11:16:44 AM
|
|
|
chaznsc
Posts: 13
Joined: 26.Feb.2008
Status: offline
|
Just anf FYI, we applied the registry hack, however, the messages are still flowing into the inboxes. Its not as bad as some have reported but its several dozen messages a day for most users, more than I need to see.
Hope this helps.
chaz
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
Printable Version
ME should only let pass NDRs suitable to mails who have left ME in the past.