NDRs on or off? (Full Version)

All Forums >> [Content Security] >> GFI MailEssentials for Exchange/SMTP



Message

Eric -> NDRs on or off? (14.Apr.2008 10:37:11 AM)

How many of you send NDRs back to other mail systems?  I've read various articles the recommend turning off NDRs to reduce the backscatter SPAM on the net.  I've turned mine off.

What are you doing?

Eric



pmcneill -> RE: NDRs on or off? (14.Apr.2008 10:52:39 AM)

You might want to check out this thread:

http://forums.gfi.com/m_900760360/mpage_1/key_/tm.htm#900760360

Sending NDRs for mail you receive to non-existent recipients (directory harvest SPAM) is a big no no IMO, and you risk being added to a blacklist that tracks servers that contribute to backscatter.  Unfortunately, MailEssentials has no way to deal with that, AND allow you to get an NDR back to legitimate senders who typo an address.  So, if you just use a standard Exchange install with ME and disable NDRs, you're not RFC compliant.

The best way to deal with that in my opinion is to enable Recipient Filtering in Exchange combined with Tarpitting on the SMTP service (and then disable the DH filter in ME).  I describe what we did with our setup in the thread I linked to above.  It has worked very well for us. 



Popolou -> RE: NDRs on or off? (23.Apr.2008 7:03:28 AM)

With our current configuration of ME12 running on Ex2k, NDR's have always been disabled for the obvious reasons. However, i'm considering a change to this rule now that ME seems to be doing a good job of removing all the Spam that ends up our way.

With the UCE either being deleted or moved to a spam folder, there are times when an NDR is generated for misspelt members in the domain. As a result i have enabled the NDR feature within Exchange to work on these failures yet ensured that all NDR's are disabled within ME itself.

As long as ME cuts out the bulk of all the spam emails/backscatter NDR's, any message that still gets through yet undelivered is now assumed to be relevant and so Exchange will respond to it via its own NDR.

I'd appreciate any comments if my logic isn't spot on.

Cheers,

Pop



Page: [1]