Wednesday, May 30. 2007

Why am I getting bounces about mail I didn't send?

Posted by Matt Vernhout in FAQ

Recently, there have been a lot of unsolicited bounces from ISPs which are created due to the following chain of events:

  1. Spammer uses an infected computer on an ISP network (zombie) to send spam

  2. Spam is sent with a forged sender address (aka. From), that is not hosted by the users ISP.

  3. Spam is rejected during delivery to recipient mail server and the receiving ISP mail server generates a bounce to the original, forged sender.


Here are some possible solutions to this problem (your ISP may need to be involved to manage these recomendations):

  1. Use some form of authentication on your domain; SPF, Sender ID or Domain Keys Identified Mail.
    While these solutions will not solve the bounces coming into your network, but will help ISPs checking messages supporting these solutions determine if the original messages that they are receiving (and subsequently sending a bounce to you) are from your network.

  2. Implement a solution like BATV for your own messages, to help determine legitimate bounces from your network, this allows you to ignore all bounces received that do not comply with your configuration.
Defined tags for this entry: ,
Trackbacks(0) Comments (0)
< How do spammers get my email address? | Isn't stopping spam a violation of the Free speech? >
Related entries by tags:
McColo and the Difficulty of Fighting Spam
The Root of All Email
Eddie Davidson
I need a job, and just got some spiffy email about a new job site!
Q&A | Talking Points Against spam
Trackbacks
Trackback specific URI for this entry
No Trackbacks
Comments
Display comments as (Linear | Threaded)
No comments
Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

BBCode format allowed
 
Submitted comments will be subject to moderation before being displayed.