Backscatterer - Why it is abusive and how to stop your system doing so

Email servers should be configured to provide Non-Delivery Reports (bounces) to local users only.
Unacceptable email from anywhere else should be rejected.

If you send NDRs (bounces) to innocent people out there, this is considered abusive because it can amount to a DDOS.

Example:
Spammer fakes ‘from’ to be victim@victimdomain.tld and sends out 30 million emails with that forged sender, what do you think will happen?

If yourcompany.tld has a properly configured mail server, the SMTP dialog will look like this:

HELO forged.domain.name
MAIL FROM: victim@victimdomain.tld
RCPT TO: NoSuchUser@yourcompany.tld
550 User unknown

In this case, the spammers will not get their crap out of their mail queue and nobody will be hurt by your server.

But, if yourcompany.tld doesn’t have a properly configured server, it will accept the email for delivery and then it will be unable to deliver the email to local user "NoSuchUser".

Your server will next return the email to the forged sender, victim@victimdomain.tld, which is logically a case of abuse, because victim@victimdomain did not send the crap to you ...

Worst case scenario: There are millions of poorly configured email servers out there, so therefore victim@victimdomain.tld will get millions of reports telling him that his email was not delivered .... What email ??? he didn’t send it ... !!

What this means to you:

If any spammer was to fake a ‘From’ to be the same as one of our spamtrap email addresses, the resulting NDR from your server would hit our spamtrap causing your IP address to be blacklisted here, because your system sends backscatter to our spamtraps.

Find out how you can stop your system doing backscatter (External Link)

Click here - a new window will open