Backscatter from Microsoft Exchange


As I have talked about before, backscatter is an annoying menace. Backscatter messages are sort of "ghost" bounces that come back to you, from sites that you've never sent mail to. It typically happens because a spammer is forging your email address or domain in spam, and the receiving mailserver is configured in a way that allows it to accept all mail before validating whether or not that mail can be configured. I get thousands of these "backscatter" bounces everyday, and, to put it bluntly, they suck.

In my ongoing research on how to advise backscatter-spewing sites how to change their configurations to stop this kind of thing from happening, I recently ran across this very useful blog post from a guy named Alan Hardisty. In his post, he explains how to make sure you Microsoft Exchange 2007 or 2010 server doesn't send backscatter. Turns out, it's as simple as typing "Set-RecipientFilterConfig -RecipientValidationEnabled:$true" in the Exchange Management Shell.
  
Exchange admins, if you don't already have your server configured this way, please change it over! The rest of us email admins out here on the internet will thank you for it.
Post a Comment

Comments