• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Preventing spam email backscatter from reaching user inboxes

S

seepy83

Platinum Member
We've been getting a lot of misdirected bounces (backscatter) from spammers spoofing their messages to look like they're coming from our user's email addresses.

I haven't done a lot of research on this, but wouldnt it make sense for a Mail Server (Exchange, in our case) to keep a record and know whether or not there was a message sent from our user to the address that is being bounced back? If the original message was not sent, then the message could be droped.

Is there any product that does this?
 
No, it doesn't catch them.

We run Trend Micro A/V, A/S, etc Scans on SMTP traffic at our Firewall.
SMTP traffic then goes to our Email Firewall (Tumbleweed) that runs McAfee A/V scans and a Dynamic Anti-spam engine.
Exchange IMF is set to drop messages with an SCL > or = 6, and move to Junk Email with an SCL > or = 4.

In general, our users really never get spam in their inbox. the Anti-Spam scans that Tumbleweed does catches pretty much everything. The only exception to that are these backscatters that come through becuase the original Spam message was spoofed to come from an address here.
 
Seems like the AV/AS at your firewall should be catching those.

There should be a way to identify an email with those characteristics and just drop them when they hit the incoming interface of your firewall.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top