Help, NDR's are flooding my boss's email box!

[Ray Gibson]

Outlook 2003 / Exchange 2003 sp2

One user (my boss!) is getting inundated with System Administrator NDR's. I
know that these are coming back as a result of a spoofed email address. 300
+ a day! We have anti spam and anti virus in our enterprise so I know they
are propigating from outside.

Anyway, Outlook 2003 will not allow a rule to be created to move all of
these Sys Admin messages out of her Inbox, and I don't want to disable the
NDRs all together.

How can I keep the benefits of NDR's and yet allow my user to have a "clean"
mailbox.

I'm out of ideas

thanks in advance,
Ray

 

[Betelgeuse]

You would be better served by putting an SMTP gateway between your exchange
server and the internet, which would allow you to set rules as you desire.

There are a number of free possibilites out there.
http://www.freespamfilter.org/index.html

is one.

I suppose you could write a custom event sink for exchange...

 

[Lanwench [MVP - Exchange]]

In

Outlook 2003 / Exchange 2003 sp2

One user (my boss!) is getting inundated with System Administrator
NDR's. I know that these are coming back as a result of a spoofed
email address. 300 + a day! We have anti spam and anti virus in our
enterprise so I know they are propigating from outside.

Anyway, Outlook 2003 will not allow a rule to be created to move all
of these Sys Admin messages out of her Inbox, and I don't want to
disable the NDRs all together.

How can I keep the benefits of NDR's and yet allow my user to have a
"clean" mailbox.

I'm out of ideas

thanks in advance,
Ray

Your disabling NDRs won't do it, anyway - these weren't issued by your
server. They were issued by the recipients' servers, and sent to your boss
because he's the purported sender of the original messages. NDRs have become
less than useful, but it's hard to convince a lot of admins to disable them
outright.

Sadly, I'm not sure what you can do to combat this - other than using your
antivirus/antispam software to prevent delivery of the NDRs for the spoofed
email. You could set up a rule based on "undeliverable" in the subject line,
tho.....

 

[Ray Gibson]

Thanks for the reply.

You Lanwench have NDR's disabled? I'm seriously considering it.

Kinda like a spam filter. It works 95% of the time for good. 5 % of the
time it would be usefull!



"Lanwench [MVP - Exchange]"

 

[Lanwench [MVP - Exchange]]

In

Thanks for the reply.

You Lanwench have NDR's disabled? I'm seriously considering it.

Yes, I usually disable them.

Kinda like a spam filter. It works 95% of the time for good. 5 % of
the time it would be usefull!
Yep.



"Lanwench [MVP - Exchange]"

In

Your disabling NDRs won't do it, anyway - these weren't issued by
your server. They were issued by the recipients' servers, and sent
to your boss because he's the purported sender of the original
messages. NDRs have become less than useful, but it's hard to
convince a lot of admins to disable them outright.

Sadly, I'm not sure what you can do to combat this - other than
using your antivirus/antispam software to prevent delivery of the
NDRs for the spoofed email. You could set up a rule based on
"undeliverable" in the subject line, tho.....

 

[Ray Gibson]

I've been unsucessfull in any attempts to setup a rule. It runs through the
mailbox and leaves any messages that are from Sys admin regardless of the
criteria ..


"Lanwench [MVP - Exchange]"