NDR messages notify the sender that a message was not received. This seems like a useful feature, except that lately spammers and virus writers are spoofing the From fields of either spam e-mails or contaminated e-mails, so the NDRs go to addresses that never sent the message.
An example of the above situation occurred a few weeks ago when the MyDoom virus sent e-mails to randomly generated addresses with spoofed From fields and these addresses were bombarded with NDRs. This accounted for a large portion of Internet traffic created by the virus.
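As an added example (not part of the original article), the Python below shows how a site on the receiving end of such a flood could separate NDRs for mail it really sent from NDRs triggered by a spoofed From field. It assumes the site keeps a log of the Message-IDs it sends; the function names, addresses and sample messages are constructed for illustration.

```python
from email import message_from_string

# Constructed sample: Message-IDs this site really sent (assumed to come from an outbound log).
SENT_IDS = {"<20040210.1001@example.org>"}

def sample_ndr(orig_id):
    """Build a constructed RFC 3464 NDR that quotes the headers of the failed message."""
    return "\n".join([
        "From: postmaster@mail.example.net",
        "To: alice@example.org",
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"',
        "",
        "--b1",
        "Content-Type: text/plain",
        "",
        "The recipient could not be found.",
        "--b1",
        "Content-Type: message/delivery-status",
        "",
        "Reporting-MTA: dns; mail.example.net",
        "",
        "Final-Recipient: rfc822; nobody@example.net",
        "Action: failed",
        "Status: 5.1.1",
        "",
        "--b1",
        "Content-Type: text/rfc822-headers",
        "",
        "Message-ID: " + orig_id,
        "From: alice@example.org",
        "--b1--", ""])

def original_message_id(msg):
    """Return the Message-ID of the message the NDR is about, or None."""
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/rfc822-headers":      # only the original headers are quoted
            return message_from_string(part.get_payload()).get("Message-ID")
        if ctype == "message/rfc822":           # the full original message is attached
            return part.get_payload(0).get("Message-ID")
    return None

def classify(raw, sent_ids):
    """Label a raw message as 'not-ndr', 'genuine-ndr' or 'backscatter'."""
    msg = message_from_string(raw)
    if (msg.get_content_type() != "multipart/report"
            or str(msg.get_param("report-type", "")).lower() != "delivery-status"):
        return "not-ndr"
    mid = original_message_id(msg)
    # An NDR for a message we never sent means our address was spoofed in the From field.
    return "genuine-ndr" if mid and mid.strip() in sent_ids else "backscatter"
```

NDRs that quote no original headers at all are also labelled as backscatter here, since they cannot be matched to anything the site sent.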
The solution to this problem is to simply turn the NDRs off. This is doable if you are running Exchange server 2003 or 2000 (
Turning the NDRs off actually violates RFC 821, so this seems to be a "between a rock and a hard place" sort of problem.
Beyond that, Microsoft's official position is that you should upgrade to Exchange 200x, but since this requires Active Directory installation, it is a non-trivial migration. If you, like many others, are still using Exchange 5.5, you might want to contact Microsoft to lobby for a fix to this problem, as more mass-mailing viruses are sure to strike.
This was first published in February 2004