Announcement

Collapse
No announcement yet.

Delivery Status Notification (Failure)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • cbell3
    started a topic Delivery Status Notification (Failure)

    Delivery Status Notification (Failure)

    All of a sudden, I am receiving Delivery Status Notification (Failure) issue. These are not message sent from anyone at my company. I think somehow I am being spammed. Is there something I failed to do to secure my exchange 2003 server. Any ideas? I am not sure where to look.

  • eod
    replied
    Re: Delivery Status Notification (Failure)

    It slipped past our Postini services also. Found a way to catch it on our Antigen/Forefront for Exchange services.

    Leave a comment:


  • 1parkplace
    replied
    Re: Delivery Status Notification (Failure)

    This exploit email has been affecting my users for a few weeks now. We have not seen any slow down, although google postini services claim they have found a way to filter them.

    If you view the message headers though, they are going through some pretty reputable servers. (ie. Google, AOL, Yahoo, Trendmicro)

    Leave a comment:


  • eod
    replied
    Re: Delivery Status Notification (Failure)

    It could be a 3rd thing.

    Currently there is a trojan making the rounds that masquerades as a Delivery Status Notification. The attachment is an html attachment with various javascript browser exploitables.

    Leave a comment:


  • Sembee
    replied
    Re: Delivery Status Notification (Failure)

    It could be one of two things.
    1. Your server is being abused. Look in ESM in the queues. If the server is being abused then there will be lots of messages in there, as spammers lists are not always that clean.

    2. The most likely is a spammer is simply using your email address/es as the reply to address. The real problem is the remote side, which accepts the email and then attempts to NDR it back to the sender. That causes what is known as backscattter and can get them blacklisted. They should do recipient validation at the point of delivery.
    If it is this, then there is nothing that you can do about it. The spammer will eventually move on to use another address. Any attempts to block the NDRs could mean you get blacklisted and are hard to do effectively without blocking genuine NDRs.

    Simon.

    Leave a comment:


  • cbell3
    replied
    Re: Delivery Status Notification (Failure)

    Sorry for the insufficient information. What is happening is that it looks like I sent an email to someone and they no longer have this email so the postmaster on the other end is sending me a failure notice. These messages are comming back from different emailaddresses about every 30 minutes. Here is one of the messages.

    Note: Forwarded message is attached.

    This is an automatically generated Delivery Status Notification.

    Delivery to the following recipients failed.

    [email protected]

    Final-Recipient: rfc273;[email protected]
    Action: failed
    Status: 8.2.2

    I am nor my employees are sending messages to these email addresses so I think somehow I am being spammed. Any thoughts on this?

    Leave a comment:


  • Sembee
    replied
    Re: Delivery Status Notification (Failure)

    Based on the information that you have supplied, impossible to answer.
    You need to provide more information on what you are actually seeing because there could be any number of issues and therefore resolutions based on the small amount of information that you have provided.

    Simon.

    Leave a comment:

Working...
X