Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

SPAM Email received as NDR.

  • Filter
  • Time
  • Show
Clear All
new posts

  • SPAM Email received as NDR.


    A user just received an NDR email from the System Administrator address. I didn't receive an email in the postmaster mailbox. It seems like spam in a form of an NDR sent to [email protected] from System Administrator. Should I be worried about this incident? Is it a form of spoofing?

    Subject: Undeliverable mail:
    Your message did not reach some or all of the intended recipients.

    Subject: Научная Работа
    Sent: 2009-10-24 15:54

    The following recipient(s) cannot be reached:

    [email protected] on 2009-10-24 17:00
    The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
    < #5.0.0>


    Microsoft Mail Internet Headers Version 2.0
    Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.3959);
    Sat, 24 Oct 2009 16:59:56 -0400
    X-Cloudmark-Score: 0.000000 []
    X-Virusscan: Clamd
    Subject: Undeliverable mail: ??????? ??????
    From: <[email protected]>
    To: <[email protected]>
    Date: Sat, 24 Oct 2009 23:59:51 +0300
    Message-ID: <[email protected]>
    X-MAPI-Message-Class: REPORT.IPM.Note.NDR
    MIME-Version: 1.0
    Content-Type: multipart/report; report-type="delivery-status"; boundary=""
    Return-Path: <>
    X-OriginalArrivalTime: 24 Oct 2009 20:59:57.0600 (UTC) FILETIME=[F19B9200:01CA54EC]
    Content-Type: text/plain; charset="utf-8"
    Content-Type: message/delivery-status
    Content-Type: message/rfc822

    Received: from [] (HELO localhost)
    by (CommuniGate Pro SMTP 5.2.10)
    with SMTP id 622909413 for [email protected]; Sat, 24 Oct 2009 23:59:51 +0300
    Date: Sun, 25 Oct 2009 00:53:59 +0500
    From: <[email protected]>
    Reply-To: <[email protected]>
    X-Priority: 3
    Message-ID: <[email protected]>
    To: <[email protected]>
    Subject: ??????? ??????
    MIME-Version: 1.0
    Content-Type: text/plain; charset=windows-1251
    Content-Transfer-Encoding: 8bit

  • #2
    Re: SPAM Email received as NDR.

    Quite common. Most of the questions are about cleaning up an Exchange server that is being abused.
    Basically a spammer sent an email to another server with an invalid email address on purpose. Your recipient was used as the from field. The server bounced the email to the "sender", which of course was spoofed.

    Nothing you can do about it as your server has to accept NDR messages. If you attempt to block them then your server will get blacklisted.

    Simon Butler
    Exchange MVP

    More Exchange Content:
    Exchange Resources List:
    In the UK? Hire me:

    Sembee is a registered trademark, used here with permission.


    • #3
      Re: SPAM Email received as NDR.

      Thanks for the reassurance!