Re: Excess email from Exchange Administrator

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

---

• From: v-natliu@xxxxxxxxxxxxxxxxxxxx ("Nathan Liu [MSFT]")
• Date: Fri, 30 Sep 2005 05:22:48 GMT

---

Hi Jazzaus,

Thank you for your update.

Let's clarify this question: We have two methods to retrieve incoming
emails: 1) Using POP3 Connector to retrieve emails from the ISP mailboxes
2) These incoming emails are directly delivered to the Exchange Server via
SMTP service.

The Exchange built-in filters (Recipient Filtering, Sender Filtering and
Connection Filtering) work with the method 2) of receiving emails. Since
the POP3 connector downloads the messages by using POP3 protocol and then
uses CDO to directly deliver them to the recipients, it will bypass these
filters.

Exchange?2003 supports recipient filtering. Therefore, you can filter
e-mail messages that are addressed to users who are not in Active
Directory, or e-mail messages that are addressed to recipients who are
frequently targeted by distributors of unsolicited commercial e-mail
messages.

You can use recipient filtering to filter messages that a sender sends to
any e-mail address, existent or non-existent, in your organization. If a
message is sent to any of the specified recipients, Exchange returns a
500-level error during the SMTP session.

By default, Exchange accepts mail addressed to any recipient (invalid or
valid), and then Exchange sends NDRs for all invalid recipients. Typically,
unsolicited commercial e-mail is sent from invalid addresses. Therefore,
Exchange retries delivery of NDRs to non-existent senders and thereby
wastes more resources. Enabling recipient filtering prevents Exchange from
wasting resources in this way because you can filter e-mail that is sent to
invalid recipients.

You can use recipient filtering to reject mail that a sender sends to
invalid recipients (recipients that do not exist in Active Directory).
However, doing so potentially allows malicious senders to discover valid
e-mail addresses. The SMTP virtual server issues different responses for
valid and invalid recipients. By comparing the responses issued by the SMTP
virtual server for valid and invalid recipients, malicious users can
identify valid e-mail addresses in your organization.

More information:
Configuring Recipient Filtering
http://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3AdminGuide/
4f933d61-77ba-4f8d-adda-c3c1c67628ba.mspx

I appreciate your time and cooperation. If anything is unclear, please feel
free to let me know. I am looking forward to hearing from you.

Best regards,

Nathan Liu (MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: "jazzaus" <joel.zimmerman@xxxxxxxxxxxxxxxx>
>Newsgroups: microsoft.public.windows.server.sbs
>Subject: Re: Excess email from Exchange Administrator
>Date: 28 Sep 2005 07:02:45 -0700
>Organization: http://groups.google.com
>Lines: 13
>Message-ID: <1127916165.365614.323890@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
>References: <1126724154.823475.225130@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
> <1127489329.493207.47530@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
> <bb19R0nwFHA.3908@xxxxxxxxxxxxxxxxxxxxx>
>NNTP-Posting-Host: 209.12.113.18
>Mime-Version: 1.0
>Content-Type: text/plain; charset="iso-8859-1"
>X-Trace: posting.google.com 1127916170 9529 127.0.0.1 (28 Sep 2005
14:02:50 GMT)
>X-Complaints-To: groups-abuse@xxxxxxxxxx
>NNTP-Posting-Date: Wed, 28 Sep 2005 14:02:50 +0000 (UTC)
>In-Reply-To: <bb19R0nwFHA.3908@xxxxxxxxxxxxxxxxxxxxx>
>User-Agent: G2/0.2
>X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
NET CLR 1.1.4322),gzip(gfe),gzip(gfe)
>X-HTTP-Via: 1.1 BACKOFFICE
>Complaints-To: groups-abuse@xxxxxxxxxx
>Injection-Info: g49g2000cwa.googlegroups.com; posting-host=209.12.113.18;
> posting-account=rTecVQ0AAABw3ihGBRAaRoCgks4oNKq8
>Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
ne.de!border2.nntp.dca.giganews.com!nntp.giganews.com!postnews.google.com!g4
9g2000cwa.googlegroups.com!not-for-mail
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:157127
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>In your note 1. you said:
>"...Therefore, the NDR response is sent by the Exchange Server, it
>isn't sent by the relay Server, since the inbound emails are directly
>delivered to the Exchange Server through the SMTP Service. "
>
>Did you mean POP3 instead of SMTP?
>
>since implementing Les' suggestion of the recipient filter the number
>of administrator emails sent out have gone down to almost nothing. From
>this I assume that we are no longer sending NDRs for messages but are
>relying on the relay (ISP) server to notify the sender of the failed
>delivery attempt.
>
>

.

---

• Prev by Date: RE: Usage Report no longer shows internet activity
• Next by Date: RE: After Event 539 (user Lock out) cant access companyweb(Sharepoint)
• Previous by thread: Re: Excess email from Exchange Administrator
• Next by thread: RE: Exchange Server unavailable
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Hundreds of domains in message queue/Cant delete queues ... the domain queues should eventually go away. ... System messages are messages from the Exchange or Windows 2000 or 2003 ... 2003 has a feature called "Recipient Filtering" which would block the ... > these emails, then deleting them, should the domain queues ... (microsoft.public.exchange2000.protocols) Re: Outbound email tracking? ... the outbound emails on the SBS Server. ... How to Enable Message Tracking in Exchange 2000 Server ... You may refer to the following information to protect Exchange: ... When you enable recipient filtering (if you are using SMTP for incoming ... (microsoft.public.windows.server.sbs) Re: my exchange 2007 is spaming, spam sender is postmaster ... There is a good chance you are sending NDRs in response to incoming spam. ... Try enabling recipient filtering to block emails addressed to invalid ... You can only do this if Exchange is receiving internet email directly. ... (microsoft.public.exchange.admin) Sent emails are sometimes blank ... That is, when someone sends me and other recipients a message, ... also connects to the POP3 and SMTP servers of an external ISP. ... Exchange is really ... Msg 1 hdr (emails modified): ... (microsoft.public.exchange2000.misc) Sent emails are sometimes blank ... That is, when someone sends me and other recipients a message, ... also connects to the POP3 and SMTP servers of an external ISP. ... Exchange is really ... Msg 1 hdr (emails modified): ... (microsoft.public.exchange2000.general)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2005-09