Backscatter solutions

Joseph Brennan brennan at columbia.edu
Thu May 8 20:11:46 EDT 2008



--On Thursday, May 8, 2008 11:03 AM -0800 Marc Grober <marc at interak.com> 
wrote:

> I am getting pounded by backscatter as a result of one of my addresses
> being used by some major spammers. Are there any solutions available to
> address all the Delivery failure and bounce notices.  I would at least
> like to be able to sort between such responses from mail I am actually
> sending and the backscatter. I have looked through headers and nothing
> seems an obvious candidate.


You can sort all bounces to a separate folder (header From: should have
mailer-daemon in it).

Separating legit ones from fakes would require body filtering.  A
good target is the headers of the original message that appear in the
body of the bounce.  Check for example the exact style of the "From:"
line of your real mail, or the "X-Mailer:" or "User-Agent:" header
lines of your real mail.

If a lot of the backscatter is from a few domains, and you don't send
any mail to those domains, then you could reject based on headers alone
for those at least.

Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology



More information about the Info-cyrus mailing list