Free tools to reject unwanted mail at the SMTP level
From: Memet Anwar (memet_at_AIG-LIPPO.COM)
Date: Wed, 18 Feb 2004 16:02:14 +0700 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I don't agree with people that chose to disable NDR to prevent
unnecessary load on their Exchange server when receiving mail destined
to unknown users. The main reason for me (aside of violating the RFC)
was this method has impact on the legitimate end-users: for example,
they wouldn't receive a notification when they mispelled one of your
internal user mail address.
Now, as summarised by DarrylJR@, there is other alternative beside
disabling NDR. I prefer the one that uses our SMTP server to abort the
smtp session by sending 550 back to the connecting client. But since
Exchange 5.5/2000 (don't know about 2003) doesn't have this option, we
must use 3rd party software/add-in to implement this.
For this purpose, I have two free tools that might be useful. One is a
front-end smtp proxy (useful for Exchange 5.5) and the other is a
protocol event sink for MS SMTP Service (for Exchange 2000). AFAIR, Both
of these methods were also mentioned in DarrylJR@ post last week.
Interested people may download the tools from my site at
http://www.freewebs.com/mmta/software.htm. Search for IDRSMTPProxy and
ExUserFilter from there.
Please excuse that the site is enforced with a monthly bandwidth quota
(sorry, can't find other free web hosting without ads), so if you found
it to be no longer available, feel free to mail me and I'll send the
tool to you by mail.
NTBugtraq Editor's Note:
Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.