Exchange 2016 NDRs, backscatter and informing users what is happening.

Hi,

We noted an issue the other day that was not obvious to diagnose. An external user sent a large email that broke policy thresholds for email size. Our server issued an NDR, but we relay our outbound SMTP connection through an upstream provider that drops NDRs to ensure quotas are met and to reduce backscatter. This meant that the sender did not get a notification as to the failure, and the intended internal recipient did not understand that an email attempt was even made. It was only after several weeks that the problem was diagnosed. 

Whilst the policy size limits can be increased, I was looking to see if there was a solution to forward all internally generated NDRs to a shared mailbox. I noted that there are some options in the "EAC --> mailflow --> organization transport settings --> delivery", but I'm not entirely convinced they are for NDR's that we send, rather it is for NDRs received from other servers.

We have set up recipient email filtering to send certain error responses if, for example, emails are sent to unknown users (forcing the sending server to generate an NDR), but in this case, the email and To user are valid. It is not until the email is fully delivered and processed, that this policy is checked. so I believe an error response could not be issued, so the NDR sent from our server is the correct thing to do.

Is there anything we can do on our side to inform an administrator or internal user, that an email attempt had been made but failed?

Cheers