[Dshield] PDF Spam Wave
dshieldlists at versateam.com
Fri Aug 10 14:28:34 GMT 2007
Sloan, Jocelyn wrote:
> If you can advise (or at send a link) on HOW to block the incoming
> messages that are for invalid users, that would be helpful. Telling me
> I need to do something, but refusing to share HOW is a waste of
> everyone's time. Show me where I can find out HOW to do it would be so
> much more useful. I am running Exchange 2003sp2, and I look forward to
> hearing from someone who knows how to do this. THANK YOU, in advance.
The first question is whether or not your Exchange Server is configured
to reject the message with "Permanent Failure" before the SMTP dialog is
complete if there is a bad addressee or if some other policy is
violated, rather than accepting it, examining it, and sending a bounce
message later. It may be that your Exchange Server is doing the right
Here's an article describing how Microsoft set up their Exchange 2003sp2
to be most effective against spam.
It looks like they do implement some sort of "real time" SMTP processing
that does not fully accept the email until after a variety of checks
have been made; this might allow them to issue a "permanent failure" to
the sending machine instead of accepting the message and bouncing it later.
There is a KB article here:
It seems to relate mostly to turning of non-delivery reports. This
sounds like a good idea if the message can be determined to be spam with
a bad addressee; but for the very small number of cases where it is good
email with a bad addressee, an NDR should be sent. On the other hand,
since "real" NDR's are such a small proportion of all bounces messages
these days, it might be just as well to turn them off.
I'm pretty sure the newer Exchange server makes it easier to reject mail
with bad addressees. I know that's probably not what you wanted to hear.
More information about the list