On Mon, 28 Feb 2005, Keith Moore wrote:
could you explain the backscatter problem? I'm not sure what you're
referring
to.
If a spammer or a virus sends out forged email (a "joe job") a certain
proportion of it is likely to be rejected, e.g. because of incorrect
recipient addresses or anti-virus or anti-spam or anti-forgery checks. If
the rejection results in a bounce message the bounce will be sent to the
apparent sender of the message, who is an innocent third party and the
victim of the joe job. These bounces are backscatter from forged spam, aka
collateral spam.
the best way I know to deal with that problem is to recognize bounces
(not just by return-path but by message format) and to correlate them with
a Sent IMAP mailbox. bounces that don't match outgoing mail are silently
discarded. of course, not everybody use IMAP, and not all IMAP clients
support storing sent mail in a Sent mailbox.
more ideally, return-paths would be authenticated (in the sense that the
sender needs to be able to demonstrate he has the right to use that
return-path), and MTAs wouldn't bounce messages that failed authentication.
Keith