none
Undelivered Message Display Contents to Recipents

    Question

  • Undelivered Message Content like Exchange2010 Hub Transport Server FQDN/hostname and IP Address displaying to recipient. which seems as security risk or insufficient information . Please help in order to prevent dns/IP or edit the message contents.

    #550 5.7.1 RESOLVER.RST.NotAuthorized; not authorized ##

    Original message headers:

    Received: from mail.com.pk (10.0.14.17) by
     EX1-Server.server.com.pk (10.32.180.3) with Microsoft SMTP Server
     (TLS) id 14.3.123.3; Wed, 21 Sep 2013 12:10:44 +0500


    • Edited by Faamin Saturday, November 02, 2013 8:37 AM
    Saturday, November 02, 2013 8:31 AM

Answers

  • Yes, once the banner is changed, anyone who telnets or issues an SMTP request, will not be able to see your server FQDN and just see the banner.

    however if you are refering to DNS name as it on the NDR of an emai - NO. You cannot change that at all. That is based on the email RFC's

    Hope this helps!


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Regards, Siva


    • Edited by Sivakumar Ramalingam Thursday, November 07, 2013 4:55 PM
    • Marked as answer by Faamin Wednesday, November 20, 2013 3:42 AM
    Thursday, November 07, 2013 4:54 PM

All replies

  • any body please input

    Sunday, November 03, 2013 3:09 AM
  • Hi,

    Please refer to the following article :

    http://www.send4help.net/your-message-wasnt-delivered-because-of-security-policies-exchange-2007-405

    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.

    Thanks,

    Angela


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

    Monday, November 04, 2013 2:05 PM
    Moderator
  • Hi Faamin,

    If I understand your question correctly, I guess you cannot change the contents of a NDR email because of RFC compliances. Each NDR message should and will contain the IP addresses of the rejecting email organization for troubleshooting and RFC purposes. It is not considered to be a security risk to expose the IP addresses of your organization.

    Even if you want to change the NDR content, if someone wants to find out about your email organization, it is very easy to do so. The internal IP addresses displayed on the NDR content does not posses any security risk.

    That being said, if you want to change the banner on your SMTP recieve connectors, you may change it as you wish. Set-ReceiveConnector -Identity "Internet Receive Connector" -Banner "Custom Banner" -ConnectionTimeout 00:15:00. This way - if someone trys to do an SMTP command (internal and external) will not be able to see the server name or IP address.

    Well, I may be wrong on this answer, if you find a way to change the NDR content, please let me know. I would be very interested to know!

    Regards.


    Regards, Siva

    Monday, November 04, 2013 4:19 PM
  • If we change the banner, will be the DNS name replaced with the banner name?

    current banner is set as 

    220 EX1-Server.server.com.pk Microsoft ESMTP MAIL Service ready at Wed,
    6 Nov 2013 10:47:09 +0500

    • Edited by Faamin Wednesday, November 06, 2013 5:50 AM
    Wednesday, November 06, 2013 5:48 AM
  • If you use the above command that I mentioned to change the SMTP banner, you will see something like this...

    PS Command: Set-ReceiveConnector -Identity "Internet Receive Connector" -Banner "Welcome to SMTP Relay" -ConnectionTimeout 00:15:00

    Output:

    220 Welcome to SMTP Relay
    Microsoft ESMTP MAIL Service ready at Wed,
    6 Nov 2013 10:47:09 +0500

    If you have multiple Internet or SMTP Relay connectors that you would like to change, you may use

    $x=Get-RecieveConnector | whereObject {$_. Bindings -eq "0.0.0.0:25"}

    $y=Set-ReceiveConnector -Identity "$x" -Banner "Welcome to SMTP Relay"

    Thanks!


    Regards, Siva

    Wednesday, November 06, 2013 3:11 PM
  • I understand the output and config you quoted above.. my question is still stand there that will be the DNS name hide after changing banner
    Thursday, November 07, 2013 4:27 PM
  • Yes, once the banner is changed, anyone who telnets or issues an SMTP request, will not be able to see your server FQDN and just see the banner.

    however if you are refering to DNS name as it on the NDR of an emai - NO. You cannot change that at all. That is based on the email RFC's

    Hope this helps!


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Regards, Siva


    • Edited by Sivakumar Ramalingam Thursday, November 07, 2013 4:55 PM
    • Marked as answer by Faamin Wednesday, November 20, 2013 3:42 AM
    Thursday, November 07, 2013 4:54 PM
  • thanks..I have seen some mail servers only issues IP Addresses not DNS names..what techniques are they using ..

    Monday, November 11, 2013 3:39 AM
  • Hi,

    Sorry for my misunderstanding.

    Agree with Siva, we couldn’t change the content in Original message headers of NDR.

    Based on my research, we can just customize user information in NDR since Exchange 2007:
    http://www.msexchange.org/articles-tutorials/exchange-server-2007/management-administration/customising-delivery-status-notification-messages.html

    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.

    If you have any question, please feel free to let me know.
    Thanks,
    Angela


    Angela Shi
    TechNet Community Support



    Wednesday, November 13, 2013 7:54 AM
    Moderator