A Good Reason To Outsource Anti-SPAM

June 10, 2008

As reported by e-Week in the article “Backscatter Spam is Back”, a recent report by Symantec outlines a resurgence in an old SPAM attack vector called “backscatter”.

Here is how it works: you accidentally misspell a friend’s email address, and that friend’s email server sends you back a message called an NDR (Non-Delivery Report) saying something like “email address xyz@company.com does not exist.”

In your case, you realize that you spelled the email address incorrectly, so you send it again.

However, in some cases SPAM operators abuse that NDR functionality: they forge the FROM address fields of their SPAM messages, send the messages to that email server at addresses that do not exist, and just let that email server do all the work of bouncing them, as NDRs, to the forged senders all over the world.

Beyond the extra load and bandwidth, which can cause your network to grind to a slow death, there is the risk that because the NDR contains a “real” name such as “you@yourcompany.com”, the anti-spam tools of some of your partners or suppliers may allow it to pass through to those same partners.

(Out-of-office messages can be manipulated in this same way.)
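Seen from the inbox that receives the bounces, the mechanism above suggests a simple check, shown here as an added example that is not part of the original post: an NDR for a message you never sent is backscatter. The sketch assumes NDRs arrive in the standard multipart/report layout and that you keep a record of the Message-IDs of your outbound mail; the sample NDR, addresses and function names are constructed for illustration.

```python
import email
from email import policy

# Constructed sample NDR in the multipart/report layout; every name is made up.
NDR = """\
From: MAILER-DAEMON@mail.partner.example
To: you@yourcompany.example
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

email address xyz@partner.example does not exist.

--b1
Content-Type: message/delivery-status

Final-Recipient: rfc822; xyz@partner.example

--b1
Content-Type: text/rfc822-headers

From: you@yourcompany.example
Message-ID: {msgid}

--b1--
"""

def original_message_id(raw):
    """Return the Message-ID of the mail an NDR claims to bounce, or None."""
    msg = email.message_from_string(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/report":
        return None  # free-text bounce or out-of-office reply: nothing to match
    for part in msg.walk():
        ctype, hdrs = part.get_content_type(), None
        if ctype == "text/rfc822-headers":    # only the original headers returned
            hdrs = email.message_from_string(part.get_content(), policy=policy.default)
        elif ctype == "message/rfc822":       # the whole original message returned
            hdrs = part.get_payload(0)
        if hdrs is not None and hdrs["Message-ID"]:
            return str(hdrs["Message-ID"]).strip()
    return None

def classify_ndr(raw, sent_ids):
    """sent_ids: Message-IDs your own server logged for outbound mail (assumed)."""
    mid = original_message_id(raw)
    if mid is None:
        return "unverifiable"
    return "genuine" if mid in sent_ids else "backscatter"
```

Bounces that come back as "unverifiable" carry no original headers to match, so they still need a human or a separate filter to judge them.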

As the above article states, correct configuration of your email server goes a long way in protecting you from this, but to help that along, make sure that you have an excellent internal or hosted anti-spam system. Stop the crap before it even reaches your email server. I use a hosted service that costs a couple of dollars per mailbox. Well worth it.

The numbers change weekly, but Symantec states that currently about 80+ percent of email on the Internet is SPAM. You know some is coming at you; you don’t want your email server helping them out.
