Web Host Chat - View Single Post

LeaUK · 5th April 2008

Hi all

Some techy comment from me which may benefit other new starters - instead of me asking questions as normal ;-)

Recently we had quite a few domains hit hard by email backscatter and wanted to add some limited protection for our clients. For those new and haven't come across backscatter, take a quick read here:

http://en.wikipedia.org/wiki/Backsca..._of_email_spam
http://spamlinks.net/prevent-secure-backscatter.htm
http://backscattervictims.blogspot.com/
http://www.spamnation.info/notes/gui...catterFAQ.html

In order to identify backscatter and keep false positives to a minimum a two prong attack was required, one that used both the DBL backscatterer.org AND to monitor email headers for various tell-tale signs of backscatter.

The reason for this is that we found using backscatterer.org alone produced too many false positives, so by adding a check for common header information relating to NDRs we successfully achieved the goal.

Info on typical header info can be found in last link above.

Hope this helps someone else too.
Lea

5th April 2008	#1 (permalink)
LeaUK Trusted User (524) Platinum User Join Date: Jun 2006 Location: UK Age: 34 Posts: 515	backscatterer.org and NDRs Hi all Some techy comment from me which may benefit other new starters - instead of me asking questions as normal ;-) Recently we had quite a few domains hit hard by email backscatter and wanted to add some limited protection for our clients. For those new and haven't come across backscatter, take a quick read here: http://en.wikipedia.org/wiki/Backsca..._of_email_spam http://spamlinks.net/prevent-secure-backscatter.htm http://backscattervictims.blogspot.com/ http://www.spamnation.info/notes/gui...catterFAQ.html In order to identify backscatter and keep false positives to a minimum a two prong attack was required, one that used both the DBL backscatterer.org AND to monitor email headers for various tell-tale signs of backscatter. The reason for this is that we found using backscatterer.org alone produced too many false positives, so by adding a check for common header information relating to NDRs we successfully achieved the goal. Info on typical header info can be found in last link above. Hope this helps someone else too. Lea __________________ Registered User Last edited by LeaUK : 5th April 2008 at 11:49 AM.