Backscatter Protection in SecurityGateway

As we discussed in an earlier post, messages that users may receive in response to messages they never actually sent (due to their email addressed having been forged in a spam message’s return-path) are known as backscatter. In that post, we discussed what backscatter is and explained how to enable Backscatter Protection in MDaemon.

In today’s video tutorial, I show you how to enable Backscatter Protection in SecurityGateway.

Do you have questions or comments? Let us know via the Comments section below, or if you need support or further assistance, several options are available for you via our Support page.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Malwarebytes False Positive Causing MDaemon DKIM Issues

Our friends at Zen Software posted about an issue with Malwarebytes false positives causing some DKIM issues for MDaemon. What may happen is that MDaemon may start blocking all inbound email because it’s seeing false results that a DKIM message check has failed. This is not an MDaemon problem. What’s happening is that the libdkim.dll file that MDaemon uses as part of the DKIM check is being blocked by Malwarebytes. The solution is simple. Simply exclude the MDaemon directory from real-time or scheduled antivirus checks.

You can read the original post here on Zen Software’s blog.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Are You Receiving Replies to Messages you Never Sent?

Image "Return to Sender"

Have you ever logged into your email to find tons of bounce-back messages (out-of-office replies, NDR messages, invalid recipient messages) in response to messages you never sent? For many users, their first thought is that they need to change their email password. However, changing your email password will not prevent this. Why? Because what you are receiving is known as backscatter, and has nothing to do with your email account being hacked.

Spammers often forge the return-path in their outbound messages to cover up their true identity. If the forged address in these spam messages was your address, then you are likely to receive the bounce-back messages and auto-responders in response to these messages.

So how do you prevent this? MDaemon includes Backscatter Protection. Backscatter Protection works by adding a special key to the return-path of all outbound mail. When MDaemon receives an out-of-office reply or non-delivery message, it looks for that special key. If the key is missing, then we know the bounce-back message is not legitimate and can be discarded.

When Backscatter Protection is disabled, the return-path of a message looks like this:
X-Return-Path: frank.thomas@example.com

When Backscatter Protection is enabled, an extra series of characters beginning with prvs= is added to the return path – like this:
X-Return-Path: prvs=163898ff65=frank.thomas@example.com

It is this extra series of characters that the Backscatter Protection feature looks for in bounce-back messages.

Check out the following video to learn more about Backscatter Protection and how to enable it in MDaemon. If you have questions, please feel free to leave us a comment & let us know!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •