My Blog
I decided to finally get with it and create my own Blog. I don't know how often I'll be blogging, as I stay fairly busy, but I'll try to post here every so often. Since most of the work I do relates to Microsoft Exchange, probably much of what I blog about will relate to that, but I'm sure that there will be occasional (or frequent) blogs about my family.
About Me
- Name: Ben Winzenz
- Location: Keller, Texas, United States
I grew up near Ann Arbor, Michigan and went to college at BYU (Brigham Young University). In 1992, I took 2 years off from school to serve a full-time mission for my Church (the Church of Jesus Christ of Latter-day Saints) in Frankfurt, Germany. I've been married for 11 years and have 4 beautiful children. I have been working with Exchange since 1999.
Subscribe to this Blog
Subscribe to my Blog
Contact Me
E-mail me
Other Blogs
MS Exchange Blog
Mark Fugatt's Blog
You Had me at EHLO
David Lemson's Blog [MSFT]
Evan Dodd's Blog [PSS]
KC Lemson's Blog
Michael Palermiti's Blog [PSS]
Michael B. Smith's Blog
Andy Webb's Blog
Chad Gross [SBS]
E2K Security
Glen's Exchange Dev Blog
Bharat Suneja's Blog
Exchange Cookbook
Kevin Weilbacher [SBS]
Sigfried Weber
Susan Bradley's SBS Blog
Tim Rains' Weblog
Robert Hensing's Blog
Robert Scoble's Blog
WitNit
Jim McBee's Mostly Exchange Blog
Ant Drewery
Exchange-ing Ideas - Missy Koslosky
Donna's Security Flash
What's in Store - WinFS blog
Microsoft Security Response Center
Jason Langridge's WebLog - MR Mobile!
Gerod Serafin's Blog
XP Source
Mark's Sysinternals Blog
Jesper Johansson's Blog
ExchangeIS - Ben Hoffman's Blog
Ray Ozzie's Blog
Monad Team Blog
Devin Ganger - (e)Mail Insecurity
Steve Riley's Blog
Henrik Walther's Exchange Blog
Search
Archives
September 2004October 2004
November 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
Friday, January 20, 2006
Understanding NDR's
I see requests for help on NDR's all the time on the newsgroups.
What many people don't understand is that when you get an NDR, there is a difference between the server that issued the error, and the server that generated the NDR.
Often, your server will be the one that generated the NDR. By that, it simply means that your server was the one that ultimately delivered the NDR to you. It doesn't mean it was the one that issued the error, though your server certainly can do both.
Understanding NDR's fully means that one needs to have an understanding of how SMTP works. Per the RFC's, a 500-level error is a permanent fatal error message.
Often, when you receive an NDR back, it's because the remote server issued a 500-level response at some point during the SMTP conversation itself.
When will the remote server generate the NDR? When the message has been accepted by that server (indicated by 250 Message Queued for Delivery, or similar message). This is a problem that Exchange has when dealing with Spam, that to my knowledge is still a problem (although not a vulnerability for relaying mail).
Back on topic. Once a server has accepted a message, it then becomes responsible for delivering it, and if it can't, it is then responsible for generating and delivering the NDR. When might you see a remote server issue an NDR (not just the error message)?
1. Mailbox over the limit.
2. Invalid address where the server isn't checking the address against a directory during the conversation.
How about from your server?
1. Above example where you ARE doing address checking (filter recipients not in the directory, for Exchange)
2. Attempting to relay a message to a non-local domain.
3. Message size too large (if enhanced SMTP commands are enabled).
Obviously, this doesn't cover every reason that can cause NDR's or who generates them - they are just a few examples.
I'll try to post some real NDR's and decipher them in the coming days. If you've got any samples you'd like posted (you can take out any sensitive info), feel free to send them to me, otherwise I'll probably use some generic ones on the internet.
- posted by Ben Winzenz @ 9:48 AM
