Backscatter from Microsoft Exchange

As I have talked about before, backscatter is an annoying menace. Backscatter messages are sort of "ghost" bounces that come back to you, from sites that you've never sent mail to. It typically happens because a spammer is forging your email address or domain in spam, and the receiving mailserver is configured in a way that allows it to accept all mail before validating whether or not that mail can be configured. I get thousands of these "backscatter" bounces everyday, and, to put it bluntly, they suck.

In my ongoing research on how to advise backscatter-spewing sites how to change their configurations to stop this kind of thing from happening, I recently ran across this very useful blog post from a guy named Alan Hardisty. In his post, he explains how to make sure you Microsoft Exchange 2007 or 2010 server doesn't send backscatter. Turns out, it's as simple as typing "Set-RecipientFilterConfig -RecipientValidationEnabled:$true" in the Exchange Management Shell.

Exchange admins, if you don't already have your server configured this way, please change it over! The rest of us email admins out here on the internet will thank you for it.

1 comment:

  1. This works when your exchange 2007+ server has access to Active Directory in order to validate the account's existence.
    If you have an Edge Exchange 2007+ server that doesnt have access in your AD then you have to find other ways like this one from the same author http://alanhardisty.wordpress.com/2010/03/08/prevent-spam-mail-from-your-own-domain-in-exchange-2007/

    ReplyDelete

Comments policy: Al is always right. Kidding, mostly. Be polite, and you're welcome to join in, even if it's a differing viewpoint.