So, what actions should the mail server take if the destination email address is fake? Obviously, if the email address is valid, the mail server should deliver the message (perhaps after applying another layer of antispam detection). But, if the email is destined for a "fake employee," some mail servers will respond with a non-deliverable report (NDR) message. That way, if there was a real sender of the email, he or she could be informed that the message was rejected.
Other mail servers do not respond with an NDR message, and instead simply accept the email to the bogus address and silently discard it. The reason that some mail servers eschew NDRs (as the one you describe in your question does) is because their owners do not want a spammer to be able to try thousands of usernames and harvest valid ones. With NDRs, the attackers can differentiate valid from invalid addresses because the invalid ones will trigger an NDR, while the valid ones won't.
Whether or not to send NDRs is a point of some controversy. While they can offer a desirable business function (allowing legitimate senders to know that their messages weren't received), they also can help spammers. If a spammer spoofs a source email address, the NDRs will be directed to the victim's organization and domain. Thus, if a mail server is configured to send NDRs, a spammer could turn this functionality into a denial-of-service NDR flood against other organizations' mail servers.
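The two mechanics this answer describes, address harvesting via NDRs and NDR backscatter against a spoofed sender, as an added example that is not part of the original Q&A and does not model any particular mail product. It is a small Python sketch of a receiving server under the two policies discussed (reply with an NDR, or accept and silently discard), with a constructed three-user directory at a hypothetical domain example.com, an attacker probing guessed usernames, and a spammer spoofing a victim's address as the sender. Every name and address in it is made up.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample directory for a hypothetical domain; not real accounts.
DOMAIN = "example.com"
VALID_USERS: Set[str] = {"alice", "bob", "carol"}


@dataclass
class MailServer:
    """Minimal model of a receiving mail server with a fixed user directory.

    send_ndrs=True  -> unknown recipients trigger an NDR back to MAIL FROM.
    send_ndrs=False -> unknown recipients are accepted and silently discarded.
    """
    send_ndrs: bool
    users: Set[str]
    delivered: List[Tuple[str, str]] = field(default_factory=list)
    discarded: List[Tuple[str, str]] = field(default_factory=list)
    ndrs_sent: List[Tuple[str, str]] = field(default_factory=list)

    def receive(self, mail_from: str, rcpt_to: str) -> Optional[str]:
        """Accept one message; return the NDR text if one is generated, else None."""
        local_part = rcpt_to.split("@", 1)[0]
        if local_part in self.users:
            self.delivered.append((mail_from, rcpt_to))
            return None
        if self.send_ndrs:
            # NDR goes to whatever MAIL FROM claimed, which the sender controls.
            self.ndrs_sent.append((mail_from, rcpt_to))
            return f"NDR to <{mail_from}>: recipient <{rcpt_to}> does not exist"
        self.discarded.append((mail_from, rcpt_to))
        return None


def infer_valid_users(server: MailServer, candidates: List[str],
                      probe_from: str = "probe@attacker.invalid") -> Set[str]:
    """Attacker's view: one probe per guessed username, treating
    'no NDR came back' as 'the address is valid'."""
    inferred: Set[str] = set()
    for name in candidates:
        if server.receive(probe_from, f"{name}@{DOMAIN}") is None:
            inferred.add(name)
    return inferred


def backscatter_count(server: MailServer, spoofed_from: str,
                      bogus_rcpts: List[str]) -> int:
    """Spammer spoofs MAIL FROM as a victim and sprays non-existent
    recipients; count the NDRs that end up aimed at the victim."""
    return sum(1 for rcpt in bogus_rcpts
               if server.receive(spoofed_from, rcpt) is not None)


def run_demo() -> Dict[str, object]:
    """Run both attacks against both policies and return the outcomes."""
    guesses = ["alice", "bob", "dave", "erin"]          # two real, two fake
    bogus = [f"nobody{i}@{DOMAIN}" for i in range(1000)]  # all fake
    victim = "ceo@victim.example"                         # spoofed sender

    ndr_server = MailServer(send_ndrs=True, users=set(VALID_USERS))
    quiet_server = MailServer(send_ndrs=False, users=set(VALID_USERS))
    return {
        # NDR policy: only real users come back as "valid".
        "harvest_with_ndrs": infer_valid_users(ndr_server, guesses),
        # Discard policy: every guess looks "valid", so nothing is learned.
        "harvest_without_ndrs": infer_valid_users(quiet_server, guesses),
        # NDR policy: one bounce per bogus recipient lands on the victim.
        "backscatter_with_ndrs": backscatter_count(
            MailServer(send_ndrs=True, users=set(VALID_USERS)), victim, bogus),
        "backscatter_without_ndrs": backscatter_count(
            MailServer(send_ndrs=False, users=set(VALID_USERS)), victim, bogus),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The model deliberately collapses two real-world cases into one "NDR" response: a server that accepts the message and later originates a bounce, and a server that refuses the unknown recipient during the SMTP dialogue with a 5xx reply. Both tell a directly connected prober which addresses exist, but only the first creates a bounce message that can be aimed at a spoofed third party, which is why the backscatter figure above counts only generated NDRs.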
Related Q&A from Ed Skoudis