all groups > iis smtp nntp > april 2008 >
You're in the

iis smtp nntp

group:

Disable badmail or NDR?


Disable badmail or NDR? PeterD
4/7/2008 8:15:01 PM
iis smtp nntp:
Any (easy) way to disable badmail or the NDR in Server 2003 SMPT?

(This Is Not Exchange Server!)
Re: Disable badmail or NDR? Sanford Whiteman
4/12/2008 12:40:44 AM
[quoted text, click to view]

Disable Badmail? Just clear the files out nightly if you don't to see
them, but Badmail is the double-bounce archive (not simple bounces),
and in normal operation you should only see mail in there whose sender
and recipient were both invalid.

What is your intended purpose in disabling NDRs?

--Sandy



------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
Re: Disable badmail or NDR? PeterD
4/12/2008 6:17:44 PM
On Sat, 12 Apr 2008 00:40:44 -0400, "Sanford Whiteman"
[quoted text, click to view]


One of our users got his email account compromised or phished, not
sure what as I disabled his account and he's not contacted me yet...

Problem is that thousands of spams were sent with his account, and now
they are bouncing and bouncing and bouncing... NDAs though initially
useful, are today just a clogging, resource wasting feature that
virtually every email user ignores.

Re: Disable badmail or NDR? Sanford Whiteman
4/13/2008 1:54:55 AM
[quoted text, click to view]

To be sure. Of course, the same spam could have been sent through any
server; his (E)SMTP credentials need not have been compromised to do
so. Naturally, it increases the penetration of the spam if it is sent
from a legitimate and otherwise well-configured server.

If you're trying to absorb this storm of NDRs for a single recipient,
why don't you just move his e-mail alias into another mailbox and sort
through it there? There's no reason to turn off NDRs for the entire
server just because _one person_ is receiving a storm.

[quoted text, click to view]

There's scant real-world evidence for your contention, but I
understand that you are frustrated because you're cleaning up after
your user's easily-guessed password or their gullibility in going to a
phishing site.

Nonetheless, your enemy is not the NDR, it's the security breach. In
fact, NDRs are often the sole signaling device that alerts us to
remote Joe Jobs and local mailbox compromises (in addition to their
primary notification function for legit e-mail).

--Sandy




------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
Got something to say? Click here to post a reply to this thread.
Don't see what you're looking for? Try a search.
View other messages in the iis smtp nntp group.
AddThis Social Bookmark Button
View Other Months
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
home · blog · groups Questions? Comments? Contact the dn