What is Backscatter?
Posted by Wayne on Saturday, 1 February 2014
Chris writes: I have my own email server that I set up for a few friends and myself. I've been trying to cut the amount of Spam my server gets, but now my emails are being rejected with a backscatter.org message. What is backscatter and how can I stop it?
Looks like you have been blacklisted by backscatterer.org, it is likely you have been listed on others as well. You can check your mail servers IP with my RBL Check tool.
Backscatter are messages generated by a spammer sending Spam with a forged sender and sent to non-existent recipients on mail servers that are mis-configured, causing the email to be bounced back to the unsuspecting sender.
The mis-configured server accepts the email, being sent to a non-local user, and generates a non-delivery report or a delivery status notification with the original Spam intact.
In your case It appears your server is being used as a backscatter host, accepting the mail, and bouncing the message. You should only bounce to internal emails, and not outwards to other servers. Instead, reject the message, and leave it up to the receiving server to decide if it should generate it's own bounce or not. Doing so will prevent you from generating backscatter and help keep you off those RBLs.
Filtering backscatter is a different story, you can go the amavisd-new / spamassassin route, implement RBLs in your mail server config to reject those known Spam hosts, or even better; use both.
Hope this helps.
You may also want to read my earlier blog: Postfix: Fighting Spam using a Real-Time Block List (RBL)