Would you like to...

Print this page

You may have noticed messages in your inbox with the subject "Delivery Status Notification" or "Returned mail: user unknown" that refer to recipients you don't recognize.

What’s an NDR?

A non-delivery receipt (NDR) is a message that a mail server sends to notify the sender when a problem occurs with delivery.

For example, if you type a recipient's address incorrectly, the receiving server might send you a message that looks similar to this:

Undelivered Mail Returned to Sender
Your message did not reach some or all of the intended recipients. Subject: Report update
The following recipient(s) could not be reached:
webmmaster@jumboinc.com on 03/15/2008 11:09 PM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient

 
Types of normal NDR messages include:

               User unknown: The recipient's address doesn't exist on the receiving server, and  the message is bounced

                Server resources are unavailable; for example, the recipient's mailbox is full

                Auto-reply vacation or out-of-office messages

                Auto-reply list server or mailing list responses

Why do I  get NDRs from mail that I do not send?

NDRs are a normal part of email exchanges, but spammers' activities can cause spikes in NDR activity. Spammers send junk messages to thousands of email addresses, some of which exist and some of which do not. To give the appearance that their messages are legitimate, spammers use a practice called "spoofing," whereby they manipulate the "From" address to use a real domain or sender.

When a spammer sends email to an invalid address, the receiving mail server sends an NDR message to the "From" address, rather than to the actual sending server. Because spammers spoof common addresses, such as sales or info of well-known companies, these NDRs may be destined for your mail server.

The good news is that your message security service recognizes the spam content in an NDR, and blocks large numbers of these messages so they never reach your mail server.

Challenges and growth in NDR spam

NDR messages have two characteristics that can allow them to reach your inbox:

Some mail servers do not follow standard protocol, sending only the header information in an NDR rather than the full content of a message. Without message content, the message security service may not be able to differentiate between an NDR generated by a spammer's message and a legitimate NDR generated by a message you sent.

The mail servers that generate NDRs are legitimate senders. Therefore, blocking messages based on sender behavior would result in blocking valid email.

Another challenge is that the growth in NDRs is driven by the overall growth in spam activity. The more messages spammers send, the greater the number of spam messages sent to invalid addresses, resulting in more NDRs.

Customers of the message security service are not any more susceptible to NDR spam than other email users. Spammers try to use legitimate domains and user names, and they may coincidentally use those of message security customers.