Coming up with an embedded code to filter out bounce-message spam, Astaro Corporation, a vendor of integrated security solutions, has announced that Astaro Security Gateway (News - Alert) can detect and block what is known as “backscatter.” Backscatter refers to messages they appear to have been sent by the user and bounced back. In reality, they are engineered by the spammer to skip various anti-spam checks.

 

By creating false bounce messages that seem real enough, spammers look to deceive recipients into clicking on the emails. They use a valid domain to send the message to an invalid recipient and set the target address set in the “From:” field. By doing this, they ensure the message is bounced back to the intended target. Due to the legitimate-looking nature of this type of message, it has a very high open/read rate compared to normal spam.

 

Apart from luring the users to click the spam mails, the spammers also manage to bypass inferior spam settings of email providers. Many mail filters automatically pass bounce messages through their various anti-spam checks in order to ensure delivery of the notification-style message to users. Thus, the likeliness of the reader actually reading the junk mail increases, and the spammer has achieved his goal.

 

To counter this spamming technique, Astaro (News - Alert) Security Gateway implements an open source solution called BATV (Bounce Address Tag Validation). It inserts an encrypted signature into the hidden header of every outgoing mail message. So, every time a bounced email comes to an Astaro product, the product will first look for the signature. If the signature is missing, the solution is able to decide, with great certainty, that the email did not belong to the sender and dispose of it.

 

Enabled by default in the Astaro Security Gateway, BATV can be toggled by way of a single check box. In addition, advanced users with a need for a greater level of control are able to manually modify the BATV specifications.

 

“While rare, administrators of those domains that have any issues with BATV can make use of a granular exceptions list that can be used to remove senders, recipients, or entire domains from BATV and/or our other checks,” explains Astaro Product Evangelist Angelo Comazzetto.