Backscatter Protection - Overview
Contents
Backscatter
"Backscatter" refers to response messages that your users receive to emails that they never sent. This occurs when spam messages or messages sent by viruses contain a "Return-Path" address that is forged. Consequently, when one of these messages is rejected by the recipient's server, or if the recipient has an Autoresponder or "out of office"/vacation message associated with his account, the response message will then be directed to the forged address. This can lead to huge numbers of bogus Delivery Status Notifications (DSNs) or auto response messages ending up in your users' mailboxes. Further, spammers and virus authors frequently take advantage of this phenomenon and will sometimes use it to launch Denial of Service (DoS) attacks against email servers, causing a flood of invalid emails to arrive from servers located all over the world.
MDaemon's Solution
To combat backscatter, MDaemon contains a feature called Backscatter Protection (BP). BP can help to ensure that only legitimate Delivery Status Notifications and Autoresponders get delivered to your accounts, by using a private key hashing method to generate and insert a special time-sensitive code into the "Return-Path" address of your users' outgoing messages. Then, when one of these messages encounters a delivery problem and is bounced back, or when an auto-reply is received with a "mailer-daemon@..." or NULL reverse path, MDaemon will see the special code and know that it is a genuine automated reply to a message that was sent by one of your accounts. If the address doesn't contain the special code, or if the code is more than seven days old, it will be logged by MDaemon and can be rejected.
Backscatter Protection is located under MDaemon's Security menu at: Security » Security Settings » Other » Backscatter Protection.
Backscatter Protection is an implementation of Bounce Address Tag Validation (BATV). For more on BATV, visit:
See: