Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

backscatter



Josh ChaitinPollak wrote:
> I'm getting a lot of emails similar to this one, I assume someone is 
> sending spam in my name.

Yes, those bounces you're receiving are commonly known as "backscatter."


> Have other people started getting these bulk failures?

My public address gets a dozen or so a week. They aren't limited to 
viruses, though that is the bulk of them.


> Is there anything I can do to stop people from spoofing my email 
> address? No right?

Yes. Define an SPF record for your domain:

http://spf.pobox.com/

This lets others know the IP addresses that are used for sending 
legitimate mail for your domain.

Clearly my admission that I still get dozens of bounces, even with an 
SPF record, suggests it doesn't do much good. But the theory is that the 
situation will get better as SPF is more widely adopted. (Really it's 
just a stop-gap and eventually will be superseded by some form of real 
authentication.)


> Is there anyway to filter real mail deliver errors (for messages I 
> actually sent) from the crap ones?

I considered creating a filter that captured the message ID of all sent 
messages and then on the inbound side could dump any bounces that 
referenced message IDs not found in the database, but of course there 
are lots of old and non-compliant MTAs that don't return proper delivery 
status notifications (DSNs).

The simple solution is to abandon the old address, at least for outbound 
mail. Then you'll know that any bounces received to that account are bogus.

If you have an MTA that supports address extensions, you can configure 
your email client to send all messages as user-bounce at example.com, while 
setting the reply-to address to user at example.com. Then most legitimate 
bounces can be filtered out from the bogus ones.


> Emailpost.org is looking like a better and better option.

?? That takes me to a domain reseller page.

  -Tom




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org