Disable Non-Delivery Reports (NDRs) in Exchange
There has been a rise of backscatter spam (incorrect automated bounce messages sent by mail servers, typically as a side effect of incoming spam.). Recipients of such messages see them as a form of unsolicited bulk e-mail since they were not solicited by the recipients, are very similar to each other and are delivered in bulk quantities. Systems that generate e-mail backscatter can end up being listed on various DNSBLs and block lists. This creates a lot of headaches for Exchange admins. One way to battle it, is to disable Non-Delivery reports, generated by the server.
In MS Exchange 2000/2003
1. Click Start → Programs → Microsoft Exchange, and then click System Manager.
2. Expand the Global Settings container on the left pane, click Internet Message Formats, right-click the Default object, and then click Properties.3. Click the Advanced tab.
4. Click to clear the Allow non-delivery reports check box, and then click OK. You can also forward a copy of your NDR to specific users:
1. Under Administrative Groups, expand First Administrative Group, expand Servers, expand servername, expand Protocols, expand SMTP, and then open the Default SMTP Virtual Server properties.
2. Click the Messages tab, and then add an address to the Send copy of non-delivery report to field.
Restart the MS Exchange Routing Engine and SMTP services:
In MS Exchange 2007
- Open the Exchange Management Console
- Expand the Organization Configuration folder
- Click on Hub Transport
- Select Remote Domains
- Right-click the Default tab
- Click on the Message Format
- to turn off NDR's uncheck Allow non-delivery reports
As a side note:
In today's world, most emails are spam and there are several reasons why its a good idea to drop bounce emails silently:
- Heuristically filtered spam. Spam filters are not perfect. Rejecting spam based on content filtering implies giving to spammers a test environment where they can try several alternatives until they find a content that passes the filter.
- Viruses and worms. Most times these are sent automatically from an infected machine. Since a bounce may contain a copy of the worm itself, it may contribute to its diffusion.
However, quoting RFC 5321, section 6.2:
As discussed in Section 7.8 and Section 7.9 below, dropping mail without notification of the sender is permitted in practice. However, it is extremely dangerous and violates a long tradition and community expectations that mail is either delivered or returned. If silent message-dropping is misused, it could easily undermine confidence in the reliability of the Internet's mail systems. So silent dropping of messages should be considered only in those cases where there is very high confidence that the messages are seriously fraudulent or otherwise inappropriate.
So use it wisely.