Messaging Gateway

 View Only

  • 1.  How can I block all message delivery failure e-mails to a specific address

    Posted Sep 30, 2008 05:07 AM

    I am trying to stop one of departments from receiving message delivery failure e-mails sent to their group address.

    We never send out mail from here, but they are receiving thousands of bounce back messages a week

     

    Ive created various compliance rules filtering on subject of message failed etc. but they mails still come through.

    Also have created a dictionary containing failure, delivery failure etc. and have setup a rule of "If any part of the message contains 1 or more words in dictionary "Blocked Phrases for group e-mail"" but the mails still come through!

     

    Has anyone found how I can block these mails. They are all bouncing back to us via a single address of salesteammail@company.com.  We need to receive mail through to here, but as we never send out from it I can happily (hopefully) block all bounce back mails

     

    any ideas greatly appreciated

     

    jk



  • 2.  RE: How can I block all message delivery failure e-mails to a specific address

    Posted Sep 30, 2008 11:06 AM

    Hello,

     

    First of all, what program are you using? Is this the mail security appliance or SMTP5 or Brightmail 6?

     

    Your best bet within the program is to use compliance filtering. You have to make sure that you are filtering on the proper part of the message. IE message body or header. We have some people who are able to install an upstream device to just do header checks and some low level regex filtering to clear some of these up but this is a fairly advanced implementation.

     

    As possible assistance to you the list below seems to block the majority of these NDRs. Please note that this is by no means a complete list and is not to be used as gospel and is not technically "supported" by Symantec. This is just something that may help in blocking the NDRs for that user.

     

    Another note is that Symantec is always looking for better ways to block "backscatter" or invalid NDR messages. Generally this is done by content in the body or blocking of connecting IPs. So you should continue to see the program do better on this front in the future.

     

    I hope it helps.

     

    /^From: Mail Delivery Subsystem <MAILER-DAEMON
    /failure notice
    /Warning: could not send
    /Returned mail
    /Mail delivery failed
    /Undelivered Mail Returned to Sender
    /Mail System Error
    /Undeliverable Mail
    /Delivery Status Notification
    /Delivery reports about your e?mail
    /Delivery failure
    /Undeliverable
    /Unable to deliver your message
    /mailer-daemon
    /message undelivered
    /undelivered mail

    /unable to process your message

    /Your e?mail did not reach the intended
    /Your Message Could Not Be Delivered
    /Warning:.*?User unknown
    /Message status*undeliverable



  • 3.  RE: How can I block all message delivery failure e-mails to a specific address

    Posted Sep 30, 2008 11:33 AM

    Hi Tom,

     

    thanks for your reply

     

    We are running Symantec Mail Security for SMTP v5.01 with patch 189 installed.

     

     I'll give the list below a try and see how we get on, should be able to see if it's working fairly soon

     

    (just had another 200 messages delivered in the last 2 hours)

     

    ta

     

    John