Your company subscribes to the Office 365 Enterprise El plan. You are the Microsoft Exchange Online
administrator.
In the last week, employees have reported that they are receiving non-delivery report messages
from other companies. The employees have not sent messages to recipients within those
companies.
You need to prevent non-delivery report messages from reaching employees.
Which content filter option should you turn on in the Exchange admin center?
A.
NDR backscatter
B.
Conditional Sender ID filtering: hard fail
C.
SPF record: hard fail
D.
Block all bulk email messages
Explanation:
http://blogs.technet.com/b/exchange/archive/2014/08/18/spam-email-and-office-365-
environment-connectionand-content-filtering-in-eop.aspx
NDR Backscatter
When this setting is enabled, any message that matches the non-delivery report (NDR) bounce characteristics will be marked as spam. It is not necessary to enable this setting if your organization uses Exchange Online Protection to send outbound mail.
—–
NDR backscatter is when spammer forges the user’s email address and sends email on their behalf to other recipients. If the “destination mail system” recognizes the mail as a spam or if the mail is sent to non-existing users, the “destination mail system” creates an NDR message that is sent to the organization recipient (the user whose email address was used by the spammer).
NOTE: So if spammer sends spam emails as something@yourdomain.com to radom addresses, many NDRs will come back to you and using Exchange Online Protection to send outbound email will not change anything about it.
EOP use only Backscatterer DNS Block List (DNSBL) for incoming emails.
I prefer reverse DNS lookup to not send NDR in the first place..
0
0
Nice answer Anna. NDR’s are not usually sent for SPAM though, spam is normally discarded by most systems.
0
0