Backscatter (NDR) Spam - Protect Yourself


by Jesmond Darmanin - Date: 2008-06-14 - Word Count: 458 Share This!

With every advancement in anti spam software, the spammers become more desperate and more inventive. They have even discovered how to take advantage of standard operations of most e-mail servers.

It's called NDR (Non Delivery Receipt) Spam or backscatter. Have you ever received a message in your inbox saying that something you sent was undeliverable or bounced? Spammers are now using this courtesy response to get their information in your inbox. They send e-mails to addresses that do not exist, and say that it is from you. Or they use your e-mail address as the sender for their entire, enormous mailing list. Then when any messages bounce back they are sent to your e-mail address. This is possible simply because email servers cannot authenticate that the person sending the message is in fact the owner of the address being used.

How would a spammer get these e-mail addresses? It is not unusual for a company or person to post a contact e-mail address on a company or personal website. Spammers can collect these, and use them as their own address for their enormous mailing lists, thereby eliminating the need them to deal with the inevitable 'Return To Sender' NDR e-mails.

This type of spam can be quite dangerous. Because technically the message is coming from the reader's own mail server, the chances of them opening it, and anything that might be attached, is much higher then with your typical spam. And for the exact same reasons it is considered much more insidious as well because it's much harder for a spam blocker to filter out. The most likely outcome of NDR spam is that a single domain will be spoofed as the sender of a spam message, and then be inundated by NDR messages from the long list that the message was sent to, overwhelming a company's exchange server. At its simplest it can overwhelm an exchange server, and force a user to waste time sorting through their inbox.

Little can be done by an individual to eliminate this type of spam, but an internal IT manager can turn off the option to have NDR messages produced at the mail sever. Spam filters can also be put in place to delete any messages that contain frequently used spam content, or subject-line only messages with no content. This can make it a little more difficult for users to send and receive their e-mail, but if they are made aware of the restrictions necessary to maintain optimum operations, problems can often be avoided.

In general this type of spam causes a significant nuisance to users and system administrators, but as with other types of spam, the technology is even now being developed and implemented to put another road block in the way of backscatter.


Related Tags: anti spam, backscatter, ndr spam, non delivery report

Jes Darmanin works at GFI Software: a company that creates professional anti spam software for servers. More information about GFI MailEssentials - The leading server antispam solution on http://www.gfi.com/mes

Your Article Search Directory : Find in Articles

© The article above is copyrighted by it's author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.
 

Recent articles in this category:



Most viewed articles in this category: