While you may view it as a waste of time, it is required by RFC. Additionally, it is not receiving a "copy" of a NDR, it is the actual NDR. It is recommend to instead use your anti-spam software to trap and delete those specific ones. Remember people, if the war on spam was that easy, it would be over by now. John T From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Simon Butler Sent: Thursday, October 18, 2007 10:36 AM To: 'exchangelist@xxxxxxxxxxxxx' Subject: [ExchangeList] Re: Spam Attack Depends what sort of attack it is. Sounds like an NDR attack. Therefore the first thing you should do is turn off the option on the SMTP virtual server to receive a copy of NDRs. That is usually a waste of time anyway.