Showing results for 
Search instead for 
Did you mean: 
Level 7

Stopping backscatter attacks?

Does anyone have a better solution or process to stop backscatter attacks besides using BATV since it can produce a lot of false positives? 

0 Kudos
2 Replies
Level 10

Re: Stopping backscatter attacks?

What kind of false positives are you getting?  If this is occurring, it's possible there is a misconfiguration somewhere that needs to be addressed.

Beyond that, you could make a policy based off the sender address being null(<>) and have some stricter spam rules.  You would want to be careful with this so that this policy does not trigger on outbound mail.  Hope this helps.  Thanks.


0 Kudos
Level 10

Re: Stopping backscatter attacks?

Do you have an SPF and/or Sender ID record in DNS for your domain and, if so, are you using "~all" or "-all"?  If you are able to use "-all" (for a hard fail of messages from senders not authorized to use your domain) that might help nip the problem in the bud--but only for receiving mail servers who utilize these features for message reputation.