Hi Everyone, in this article I would like to show you how can we catch any emails that delivers to our domain,
Even if the SMTP address of the recipient is invalid or not existing.
The purpose is to learn sender’s behavior toward my domain Weather is some person who trying to spoof email to your domain or tried to send an email to the certain mailbox and miss some letter in the email address.
You can create a mailbox that contains all emails that were sent by mistake or were misspelled/misaddressed and track there the traffic.
Please note that NDR won’t send to the second side and it is not applicable for Hybrid & Co-existence environments, likewise, Microsoft Office 365 Support team not supported officially on this feature. However, According to my tests, it works like a charm
First, go to your domains and change you accepted domain to be set as “Internal Relay” by default it may be on Authoritative field which means that only valid recipient can receive emails and unknown recipient emails are rejected
Afterward, create a new ‘Dynamic Distribution group’, this Dynamic group says that “Office365” group contains all “User with Exchange Mailboxes in your Office 365 env.” user that it is not the user with Exchange Mailboxes won’t be a member of this Dynamic group.
And the last action is creating the Rule, Name “Catch All”, Apply this rule if the sender is outside, Redirect the message to “Meir Peleg” [I am going to get any invalid SMTP mailbox], Except if the recipient is member of “Office 365” which is my Dynamic group.
So just summing up the scenario, if you try to send an email [Invalid / unknown email address] for instance, TO: [email protected] you should receive NDR that it does not exist, but after you configured the Catch all rule the email will redirect to “Meir Peleg” mailboxes and will be available for Meir. and you don’t receive NDR.