EmailDiscussions.com - View Single Post - Spike in amount of backscatter spam in inbox

WormholeLawyer · 19 May 2016, 12:07 AM

Quote:

Originally Posted by n5bb

Since I'm not getting any abnormal amount of backscatter (and I have many FastMail domain aliases and a person domain hosted at FastMail), I disagree with your premise. I have received two backscatter messages in the past 60 days, sent on April 16 & April 17. These were obviously random dictionary spoofs, since they were both FastMail domain short username aliases which were easy to guess (Bill @ fastmail-owned domain). I have received no backscatter from common FastMail aliases I use or my personal domain in the past 60 days. I discard spam older than 60 days or with spam scores 11, and I have received 94 spam messages with scores <11 in the past 60 days, or an average of about 1.5 spam messages a day filed in my spam folder. I have received many more backscatter in the past, but not recently.

The only way I know of protecting the reputation of your domain and reducing backscatter is as I suggested below (SPF, DKIM, and DMARC). Without publishing SPF for your domain, a receiving email server has no way of knowing which servers send email for your domain, so they have to assume that any message which appears to be from your domain is indeed a proper message. When the message is bounced at the SMTP stage, there is usually no spam filtering at the receiving server and the only way for the server to block the message (not send you backscatter) is if SPF fails, if the sending IP is a known insecure server, or if other behavior of the server is suspicious (such as bad response to greylisting).

My guess is that these reports are the results of random behavior by spammers.

Bill

Fair points, but again I have never in my two years of Fastmail and multiple domains received a single back scatter message until this began at the exact same time as other posters and with the exact same naming convention (first name, last name, two numbers, request for a bill to be paid). It just seems too coincidental that folks who never had an issue are all being impacted by the same exact spammers. Just strange is all.