First of all, what is NDR?
NDR stands for Non-delivery Report. These are emails. Basically, you receive this type of NDR emails because an email you sent to someone did not reach the intended recipient.
But why are you getting NDRs from mail servers for mail you NEVER sent? The answer: Spammers are spoofing your email address. They are claiming to be YOU when they send out emails (oh yes it can be done easily).
So let us say that your email address is user@domain.com. A spammer got hold of your email and then ’spoofs’ it. This means that the spammer is now sending out spam using YOUR email address. Because spammers send out thousands of emails – (some to wrong address), the mail servers of the domain will naturally send out a notice that the email could not be sent (either the reciepient is non-existent, or the mailbox is full).
These Non delivery notices via email are then sent to the sender’s email address. In the above scenario, they will be sent back to you. Even if you did not really send the email in the first place! And that explains why you are getting tons of NDR emails even if you did not send any emails out!
The internet community has come up with a way to combat or reduce these types of NDRs and spams. It is called the SPF (Sender provider framework). In simple terms, we put up a record on your domain that says email from your domain can only be sent out from a list of accredited email servers. This makes it hard for spammers that use their own mail servers to ’spoof’ your identity anymore. This will reduce the spam they send out, and also reduce the NDR spams you get!!
Interesting now isnt it? So how do you enable SPF on your domain? The solution is fairly simply as well!
Use Microsoft’s senderID tool and follow the prompts. For our hosted clients that need us to enable their SPF on their domains, kindly contact your account executive to start the process! Do let us know if this has helped you and your experience with NDR once the SPF has been implemented.