Skip to main content
A
Anonymous_User
Contributor
March 18, 2010
Question

NDR/DSN and Dead Mail ?

  • March 18, 2010
  • 2 replies
  • 3771 views
Hello, Our Fortimails 4000A (Gateway Mode) have been recently blacklisted by Backscatter. On their web site, they indicated : " Email servers should be configured to provide Non-Delivery Reports (bounces) to local users only" So (even if i know it is not probably the best solution), i have disabled the DSN (NDR) email generation in the Mail Settings \ Settings \ DSN Option of ours Fortimails. What i don' t understand, is that i still have new messages in the Dead Mail queue. And the " Dead Mail queue" normally display only the NDR sent by fortigate (that haven' t been received). But the Fortimails should not sent any new NDR because i have disabled the option ... ? If anyone have some ideas, you are welcome ! Thanks, Best Regards Ben

    2 replies

    abelio
    SuperUser
    abelio
    SuperUser
    March 22, 2010
    Hello,
    So (even if i know it is not probably the best solution), i have disabled the DSN (NDR) email generation in the Mail Settings \ Settings \ DSN Option of ours Fortimails.
    even better approach is provided in admin guide; textually: To prevent delivery status notification (DSN) spam, enable bounce verification. ... To prevent this, enable bounce address tagging and verification (located in AntiSpam >Bounce Verification > Settings) and configure it with an active key. In addition, disable both the Bypass bounce verification option (located in Mail Settings > Domains > Domains) and the Bypass Bounce Verification check option (located in Profile > Session > Session). It is also recommended to select Use antispam profile settings for the Bounce verification action option (located in AntiSpam > Bounce Verification > Settings). Finally, verify that all email, both incoming and outgoing, is routed through the FortiMail unit. The FortiMail unit will not be able to tag email, or recognize legitimate DSN for previously sent email, if all email does not pass through it.
    What i don' t understand, is that i still have new messages in the Dead Mail queue. And the " Dead Mail queue" normally display only the NDR sent by fortigate (that haven' t been received). But the Fortimails should not sent any new NDR because i have disabled the option ... ?
    maybe, some old mails queued before you' ve applied changes
    A
    Anonymous_UserAuthor
    Contributor
    May 3, 2010
    Hi Ben, enable the Verify Recipient Address in your domain settings using SMTP. this will verify if the addresses exist and if not it will kill the request and will not sending any ndr for non legitimate addresses. That way you will not end on backscatter. ps: This will increase the load on your backend mailserver. Regards, Miguel
    Terms & ConditionsAccessibility statement