Backscatter Spam
One of the domains I host has recently attracted a lot of backscatter spam. What is backscatter? Let me explain.
If a spammer fakes an email address on someone else’s domain, some incorrectly configured mailservers receiving the spam will bounce the message back to the (apparent) sender. Meaning whichever poor schmuck has had their domain faked will get a huge pile of bounce messages. Thousands. Some misguided email administrators will even ban email from the domain and/or mailserver that appears to send the message.
Despite the abundance of information available on backscatter spam, there are still loads of mail servers that will happily bounce mail in this manner. Exim, Postfix and Sendmail, configured correctly, are all capable of dealing with this problem. If you’re looking for a reason to avoid using qmail, backscatter spam would be a good place to start.
The only time a mailserver should reject a message is at SMTP time. ie. when it is still connected to the sending machine. Once a mailserver has accepted an email for delivery it has made a commitment to deliver the email. Therefore a mailserver should never accept email that it isn’t able to deliver. Bounce messages should only be sent to local clients to indicate that their message did not get through.
[…] Rejecting mail at SMTP time is the “right” way to do things. It reduces bandwidth, memory, cpu and disk usage and eliminates backscatter. In a large ISP the two main costs are power and bandwidth, and so there are real cost savings to be made by enforcing RFCs at SMTP time. It’s even good for the environment. By ruthlessly checking for a postmaster address I know that while I sit at my keyboard here, I’m doing my bit for the polar ice caps. […]
Pingback by Brett Sheffield . com » Blog Archive » georbl.info — November 11, 2007 @ 3:12 pm