100 Email Bouncebacks - Welcome to Backscattering

distefano links to a story on Computerworld, excerpting: "E-mail users are receiving an increasing number of bounceback spam, known as backscatter, and security experts say this kind of spam is growing. The bounceback e-mail messages come in at a trickle, maybe one or two every hour. The subject lines are disquieting: 'Cyails, Vygara nad Levytar,' 'UNSOLICITED BULK EMAIL, apparently from you.' You eye your computer screen; you're nervous. What's going on ? Have you been hacked? Are you some kind of zombie botnet spammer? Nope, you're just getting a little backscatter — bounceback messages from legitimate e-mail servers that have been fooled by the spammers."

Re:De-standardize, and make it worthwhile.

[erikina]

Ugh, care to elaborate? Anyway, I think the solution is simple. Just publish a giant list of all mail servers not configured properly. It wouldn't be hard to write a script, to verify if a domain is configured or not. It would function as a name and shame list. But more than that, all spammers would harvest from it, and absolutely smash the listed servers until they were forced to configure them properly.

Easy filtering solution

[Richard+W.M.+Jones]

There's an easy way to filter out backscatter while preserving bounce messages that you care about (ie. ones about email that you actually sent):

1. Add your own custom header to all your outgoing emails. Doesn't matter what it is, but it should be unique, eg. 'X-Really-From-Richard-Jones: xsomesecretx'

2. MTAs include the original headers in bounce messages, so discard bounce messages which don't contain your custom header.

You can even be smart and sign the header based on the content of the email using a private key, which would make it unforgeable, but at the moment you don't need to do that.

Rich.

Re:De-standardize, and make it worthwhile.

[FatdogHaiku]

How about we change the delivery method. Instead of an email being sent to me and sitting on my server or service waiting for me to sort it, you send me the headers for the sender, subject, size, date, and attachment status while the message and attachments sit on YOUR server until I chose to pick it up or it expires. The reduction in bandwidth should pay for the increase in storage, and the spammers would have to leave their message sitting on a machine somewhere waiting for me to pick it up (hint, not gonna happen).
1. No servers flooding the net with messages.
2. Easily identifiable spam sources, making bot-nets less useful.
3. Reduced bandwidth as the system replaces the old one.
4. Allow email clients and webmail services to be configured retrieve every message for the few numb nuts that don't/won't get it.
5. Profit (via reduced long term cost).
Just spitballing...