How to prevent backscatter

EQ Admin

Hello,

A mail server that is vulnerable to backscatter is a server that is configured to accept e-mail that is guaranteed not to be delivered and will later bounce. If you have a mail server that accepts any mail to your domain and creates a non-delivery report (NDR), your server can be used by spammers to send spam to innocent third parties. For example, a spammer sends an e-mail To: DoesNotExist@your-domain.com From: InnocentBob@aol.com. What happens is that your mail server accepts the message and then bounces (spams) Innocent Bob with an NDR that has the spam content in it too. Backscatter has been an issue for several years now, and there is no reason not to protect your mail servers from this issue.

To fix the problem you need to do valid recipient checking. During the initial SMTP conversation your mail server should check for the existence of an account before accepting an e-mail. If you reject the e-mail and drop the connection when you see an e-mail To: an invalid account in your domain, then the message is never accepted, and there is no chance for it to later bounce.

The specific directions for correcting this problem depend on your mail server.

I use qmail with vpopmail on my server and use the chkuser patch to fix this problem.

Here are some older directions that may be useful as a starting point for preventing backscatter on Postfix servers.

A sendmail server should be OK but depending on your environment you may want to milter ahead.

Microsoft mail server admins can disable NDRs in Microsoft Exchange.

Please view our Email Resources section to find additional articles, tutorials, and product reviews from the experts at EmailQuestions.com.

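The SMTP exchange described in the post above, as an added example that is not part of the original post or of any of the mail servers it mentions. It is a small Python model of an inbound SMTP session that performs valid recipient checking at RCPT TO, run once with checking enabled and once with it disabled so the two behaviours can be compared. The domain `your-domain.com`, the mailbox list, the spam message and the `run()` helper are all constructed for the example; the reply codes follow the usual SMTP conventions (550 5.1.1 for an unknown user, as Postfix's default `smtpd_reject_unlisted_recipient` setting produces).

```python
import re

# Constructed sample data: the domain this MX accepts mail for and its real mailboxes.
LOCAL_DOMAINS = {"your-domain.com"}
LOCAL_MAILBOXES = {"alice@your-domain.com", "postmaster@your-domain.com"}

ADDR_RE = re.compile(r"<([^>]*)>")


def parse_address(arg):
    """Pull the address out of 'FROM:<a@b>' or 'TO:<a@b>'; None if malformed."""
    m = ADDR_RE.search(arg)
    return m.group(1).strip().lower() if m else None


class SmtpSession:
    """One inbound SMTP session.  check_recipients=False models the
    backscatter-prone server that accepts everything and bounces later."""

    def __init__(self, check_recipients=True):
        self.check_recipients = check_recipients
        self.sender = None
        self.recipients = []
        self.in_data = False
        self.body = []
        self.queued = []   # (sender, recipients, body) accepted for delivery
        self.bounces = []  # NDRs generated after acceptance: (to, original_body)

    def handle(self, line):
        """Process one client line and return the server reply (None while in DATA)."""
        if self.in_data:
            if line == ".":
                self.in_data = False
                self.queued.append((self.sender, list(self.recipients), "\n".join(self.body)))
                self.recipients, self.body = [], []
                return "250 2.0.0 Ok: queued"
            self.body.append(line)
            return None
        cmd, _, arg = line.partition(" ")
        cmd = cmd.upper()
        if cmd in ("HELO", "EHLO"):
            return "250 mx.your-domain.com"
        if cmd == "MAIL":
            self.sender = parse_address(arg)
            return "250 2.1.0 Ok" if self.sender is not None else "501 5.1.7 Bad sender address syntax"
        if cmd == "RCPT":
            addr = parse_address(arg)
            if addr is None or "@" not in addr:
                return "501 5.1.3 Bad recipient address syntax"
            if addr.rpartition("@")[2] not in LOCAL_DOMAINS:
                return "554 5.7.1 Relay access denied"
            # The valid recipient check: refuse unknown users before the message is taken on.
            if self.check_recipients and addr not in LOCAL_MAILBOXES:
                return "550 5.1.1 <%s>: Recipient address rejected: User unknown" % addr
            self.recipients.append(addr)
            return "250 2.1.5 Ok"
        if cmd == "DATA":
            if not self.recipients:
                return "554 5.5.1 Error: no valid recipients"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        if cmd == "QUIT":
            return "221 2.0.0 Bye"
        return "502 5.5.2 Error: command not recognized"

    def deliver(self):
        """Post-acceptance delivery.  An unknown mailbox can only be reported by an NDR
        now, and that NDR goes to whatever the (forged) envelope sender was."""
        for sender, rcpts, body in self.queued:
            for r in rcpts:
                if r not in LOCAL_MAILBOXES and sender:  # null sender <> never bounces
                    self.bounces.append((sender, body))
        self.queued = []
        return self.bounces


SPAM_BODY = ["Subject: Buy now", "", "spam content"]  # constructed spam payload


def run(check_recipients):
    """Feed the spammer's session from the post to a server; return (transcript, bounces)."""
    s = SmtpSession(check_recipients)
    transcript = []
    for cmd in ["EHLO spammer.example", "MAIL FROM:<InnocentBob@aol.com>",
                "RCPT TO:<DoesNotExist@your-domain.com>", "DATA", "QUIT"]:
        reply = s.handle(cmd)
        transcript.append((cmd, reply))
        if cmd == "DATA" and reply.startswith("354"):
            for line in SPAM_BODY:
                s.handle(line)
            transcript.append((".", s.handle(".")))
    return transcript, s.deliver()


if __name__ == "__main__":
    for check in (False, True):
        print("--- recipient checking %s ---" % ("ON" if check else "OFF"))
        transcript, bounces = run(check)
        for cmd, reply in transcript:
            print("C: %s\nS: %s" % (cmd, reply))
        print("NDRs sent to third parties:", bounces)
```

With checking off, the session ends in `250 2.0.0 Ok: queued` and delivery then produces an NDR to `innocentbob@aol.com` carrying the spam body; with checking on, RCPT TO gets `550 5.1.1`, DATA is refused with `554 5.5.1 Error: no valid recipients`, and nothing is ever queued, so there is nothing to bounce.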
Blake

Valued Member
I had a problem with this before. It can really be a pain. It was due to a badly configured mail server. I think when you first get your hosting and start with a site, you should always run through a nice checklist, and I would say that this is a great thing to add to your checklist. But very good information.