Stripping Internal Exchange Organization Info From NDRs Sent To Remote Domains…


The default “remote domains” setting in Exchange 2010 allows non-delivery reports (NDRs) to be sent to all remote domains. These error messages contain internal Exchange organization information such as server names, IP addresses and the AD domain name.

What if you are security conscious and want to strip that information from the NDRs, yet still have them sent to external senders? It is possible in Exchange 2010 SP1, with the introduction of a new parameter named “NDRDiagnosticInfoEnabled” for the Set-RemoteDomain cmdlet.

By default, the value of “NDRDiagnosticInfoEnabled” is set to $true, which means that external senders will get the full NDR.

Default NDRInfoEnabled

If you want the senders to be notified of the error only and to withhold any internal Exchange information, set the value of “NDRDiagnosticInfoEnabled” to $false. I am setting this only for my “Default” remote domain, as I am happy with sending the full NDR to my partner company theucguy.net.

Set remote domain to strip info from NDR

Next time an NDR goes out to an external sender, it won’t have any inside information.
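
The two steps above as Exchange Management Shell commands. This is an added example, not the author's original screenshots, and it assumes the catch-all remote domain still has its default name, `Default`:

```powershell
# Run in the Exchange Management Shell (Exchange 2010 SP1 or later).

# 1. Audit: list every remote domain and whether its NDRs carry diagnostic info.
Get-RemoteDomain |
    Select-Object Name, DomainName, NDREnabled, NDRDiagnosticInfoEnabled |
    Format-Table -AutoSize

# 2. Strip diagnostic info only for the catch-all "Default" remote domain.
#    Any other remote domain entry (for example a partner domain) is left untouched
#    and keeps receiving the full NDR.
Set-RemoteDomain -Identity 'Default' -NDRDiagnosticInfoEnabled $false

# 3. Verify the result: NDRs should still be enabled, with only the
#    diagnostic section withheld.
$rd = Get-RemoteDomain -Identity 'Default'

if (-not $rd.NDREnabled) {
    Write-Warning "NDREnabled is False on '$($rd.Name)': no NDRs at all are sent to these domains."
}
if ($rd.NDRDiagnosticInfoEnabled) {
    Write-Warning "NDRDiagnosticInfoEnabled is still True on '$($rd.Name)'."
}

$rd | Format-List Name, DomainName, NDREnabled, NDRDiagnosticInfoEnabled
```

After the change, send a message from an external mailbox to a nonexistent recipient and confirm that an NDR still arrives and that it no longer lists server names or IP addresses.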

7 thoughts on “Stripping Internal Exchange Organization Info From NDRs Sent To Remote Domains…”

  1. This command, for me, in Exchange 2010 SP3, will actually suppress any NDR from being delivered, rather than removing Diagnostic Info. Any ideas?
