Disable NDR - Diagnostic information for administrators RRS feed

  • Question

  • I am trying to disable internal IP disclosure in external NDRs. I have set NDRDiagnosticInfoEnabled to False. All internal NDRs do not contain the Diagnostic information for administrators but all external NDRs still contain the information.

    [PS] C:\Windows\system32>Get-RemoteDomain | fl name, NDR*

    Name                     : Default
    NDREnabled               : True
    NDRDiagnosticInfoEnabled : False

    Any suggestions will be appreciated. Thanks.
    Friday, November 8, 2019 4:47 AM

All replies

  • Hi

    So you dont want to disable NDR completely which you can do with this command:

    set-RemoteDomain "Default" -NdrEnabled $false

    Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Friday, November 8, 2019 5:15 AM
  • No, we would still prefer external senders to get notified when an email gets rejected.
    Saturday, November 9, 2019 11:27 AM
  • No, we would still prefer external senders to get notified when an email gets rejected.
    That will work depending on the NDR and which server is generating it. Which NDRs are you referring to?
    Saturday, November 9, 2019 1:07 PM
  • Hi Aaron Hassan, 

    Did you run the following command? Do you mean external users still get Diagnostic information for administrators aftering running this?

    Get-RemoteDomain "default" | Set-RemoteDomain -NDRDiagnosticInfoEnabled $false

    Same question with Andy, which NDRs are you referring to? To eliminate the NDR, you can also try to create a specific send connector for the domain and see if the issue persists.

    1.In the EAC, navigate to Mail flow > Send connectors, and then click Add . This starts the New Send connector wizard.
    2.On the first page, enter the name and choose the type of the connector.
    3.On the next page, in the Network setting section, select Route mail through the following smart hosts. Add the IP address of the MX record of the accepted domain.
    4.Set Smart host authentication settings to None.
    5.In the address space section, add the accepted domain name.


    Beverly Gao

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact

    Monday, November 11, 2019 9:26 AM
  • Yes, external senders still receive the Diagnostic Info after setting to NDRDiagnosticInfoEnabled false .

    NDRs such as incorrect recipient address, mailbox full. Thanks.
    Monday, November 11, 2019 11:33 PM