You are here: Resources > Virus Spam Bounce Ruleset
Virus Spam Bounce Ruleset (Backscatter Prevention)
Spammers are getting smarter and smarter, which is why they've begun sending a flood of spam messages that have trusted email addresses forged into them as the senders. Backscatter is caused by the people who do not reject mail during delivery, but instead accept the mail and then later send back a bounce message.
Spam bounce happens whenever mail is sent by a valid mail server to a non-local-recipient. Technically, bounces are called non-delivery reports (NDR) or delivery status notifications (DSN). If a message did not originate locally, then a mail server cannot know for sure if the address it is sending the bounce to is forged or not. This quickly leads to this unsolicited “backscatter” (or more rarely “outscatter”), which is sent to sites that never originated the email.
How to Prevent Backscatter
When you run a mail server, you have a responsibility of not sending backscatter. Bounces should ideally and only be generated by a mail server to a local recipient. Mail servers should not generate bounces to non-local recipients, but should instead reject the mail during the SMTP session, and leave the remote sending server to handle the bounce.
If a rejected mail is a legitimate message, the bounce gets generated by the remote sending machine, as expected; if a rejected mail is not a legitimate message, the remote end will probably not generate a bounce, and all is still well.
Use the SecPoint Protector Anti-Spam UTM Appliance
SecPoint proudly presents the award-winning SecPoint Protector—an all-in-one Unified Threat Management (UTM) appliance you can use to combat errors like spam bounces and backscatter. Use the Protector on your network so that it can defend you against backscattering spam with several tried-and-true techniques within its anti-spam arsenal. Network safety is guaranteed whenever you use the Protector.