[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


backscatterer.org  fake or serieus?

Posted on 2011-05-11
Medium Priority
Last Modified: 2012-08-14
Hello Experts,

Some providers are listed on backscatterer,org,
They say they don't want to pay a criminal organisation for removal.
But after some investigation it don't seem malicious at all and mean you are sending NDR to the spammin sender.  
Now i get conflicting information about the matter.
So my question is simpel, do i have to take www.backscatterer.org serious or not.

Becouse now i cannot use "ip reputation in my spamfilter" becouse of it.
Question by:bastouw

Assisted Solution

StephenMSExchange earned 664 total points
ID: 35737229
If you are sending NDRs back at spammers, you should take steps to identify which addresses are Harvest Attacking you and block them in your delivery settings.

As for backscatterer.org, many organizations do not use them for reputation blacklisting, but some do. You can ignore them and make sure no one else is blacklisting you, and they should delist you eventually. You could always pay them as well... They are definately one of the 3-4 lists, you never want to get on.

Go to mxtoolbox and check your SMTP server's reputation. If they are the only one that are blocking you then you do not have much to deal with.

Do take care of the NDRs before a big ISP starts blocking your email and look up the spammers hosted domain. Then report the spamming to their abuse email address.

Author Comment

ID: 35738662
Wel, the problem is that Cyberoam, Who make state of the art next-gen routers, does use these
lists,  simular to  http://www.commtouch.com/check-ip-reputation .

i stil have RBL en de RPD also as options, and can make my own black-list-list. but that is not the issue.

I wonder if it is reasoneble to ask a hosting provider to remove them selfves from this list or els we will move the domain to an other hosting provider,  or is the hosting provider in question in its right to express: we don't pay to get of a list?

Is it normal to pay if you wat to be removed immidiately? is this normal?  
LVL 42

Assisted Solution

by:Paul Solovyovsky
Paul Solovyovsky earned 668 total points
ID: 35762423
It's a racket.  You can do this yourself and many times unless you resolve the issue that caused you to get on one of these lists you'll get put right back on.
LVL 76

Accepted Solution

Alan Hardisty earned 668 total points
ID: 35763715
Backscatterer.org is a serious site aimed at identifying mail servers that are configured incorrectly.

If you don't have recipient filtering enabled and then accept messages, then your server rejects the message because the recipient is not found, your server will send a NDR message back to the sender.  This is all well and good when the sender of the message is a genuine sender.

When the sender is a spammer and they have forged the From address, then you will be returning NDR messages back to people who haven't actually sent you a message, thus you are effectively spamming them.

To resolve this, you should enable Recipient Filtering on your server and this will stop the problem dead in it's tracks.

There are circumstances where your mail is sent via a 3rd party spam filtering host and then they send the filtered mail on to you.  If they don't Filter Invalid Recipients, then you will be rejecting the messages and also sending back an NDR message back.

With Recipient Filtering enabled, the onus is on the sender to produce the NDR message not the Recipient Server, so Backscatter does not happen and you won't get listed on the Backscatterer.org website and have mail-flow problems.

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
MS Outlook undoubtedly is the most widely used email client.Its user-friendliness, cost effectiveness, and availability with Microsoft Office Suite make it the most popular email application.  Its compatibility with Microsoft applications like Exch…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question