2 Replies Latest reply on Aug 14, 2015 12:22 PM by runcmd

    Stopping backscatter attacks?

    itman123

      Does anyone have a better solution or process to stop backscatter attacks besides using BATV since it can produce a lot of false positives? 

        • 1. Re: Stopping backscatter attacks?
          jmickley

          What kind of false positives are you getting?  If this is occurring, it's possible there is a misconfiguration somewhere that needs to be addressed.

           

          Beyond that, you could make a policy based off the sender address being null(<>) and have some stricter spam rules.  You would want to be careful with this so that this policy does not trigger on outbound mail.  Hope this helps.  Thanks.

           

          --jake

          • 2. Re: Stopping backscatter attacks?
            runcmd

            Do you have an SPF and/or Sender ID record in DNS for your domain and, if so, are you using "~all" or "-all"?  If you are able to use "-all" (for a hard fail of messages from senders not authorized to use your domain) that might help nip the problem in the bud--but only for receiving mail servers who utilize these features for message reputation.