Backscatter Spam

"I just checked my email and I have received hundreds of emails of bouncebacks or non-deliverable emails. They look like spam. What is happening? Did someone hijack my account??"

What you are experiencing is what is called "backscatter spam". Your account is not hijacked. Spammers can place any email address they choose to in the "From" field of spams they send out, such as your email address. If the person they are sending to doesn't exist, or rejects the message, it bounces back to the person in the "From" address, which in this case happens to be you. If this happens a lot within a short period, you will receive many failure / non-delivery notices. It is an extremely difficult, complicated problem, and there is very little that service providers including Beanbasket can do about this. Do a Google search on "Backscatter Spam" or read this FAQ, which can explain the issue in more detail:

http://www.spamnation.info/notes/guides/BackscatterFAQ.html

"What can Beanbasket do about this?"

Unfortunately the short answer is "very little". Here is a list of suggestions that may slightly lower the amount of backscatter spam (and spam in general) that comes to your account:

• Sign up for Beanbasket's spam filtering. Although this will not prevent you from getting backscatter spam, it has has greater chance of being flagged as spam and not ending up in your inbox.
• Create (or have Beanbasket create for you) an SPF record. Additional explanation is below this list. Also see http://old.openspf.org/faq.html#basics
• Only give out your email address to friends, family, and trusted business partners if possible.
• Make sure to uncheck yourself if given the option to "Sign up" to someone's mailing list.
• If at all possible, avoid or limit placing email addresses on your web page. Site scanning is a way that spammers harvest email addresses to put on their lists.

Creating an SPF Record

If Beanbasket manages your DNS, it is possible for us to create an SPF record. But, in order to not create new problems, we must know all the IP address or names of every mail server that would ever be sending out mail from someone@yourdomain.com. This includes (but may not be limited to) the values you put into your email program settings for the "Outgoing (SMTP) server" fields. If in all cases, this is mail.yourdomain.com, then it is pretty easy to create this. But sometimes, email users at yourdomain.com may have their email programs set up to use their ISP's mail server (e.g. mail.sbcglobal.net, smtp-server.new.rr.com) to send mail out. If you don't want to have mail these people send rejected by other mail servers, then we must include mail.sbcglobal.net in the SPF record as well as mail.yourdomain.com. So, if you would like an SPF record created for your domain, Beanbasket needs to know all the values for "Outgoing server" in all the email programs that anyone who sends email from yourdomain.com uses. If not all outgoing server names are included in the SPF record, you run the risk of having legitimate mail you send get rejected by other servers.

Also, keep in mind that an SPF record may only stop a very small fraction of spam email. It may not be worth the risk of having legitimate mail rejected (if you miss an outgoing server in the SPF record). You may just want to accept that spam and backscatter spam are going to occur just as a fact of life on the Internet. In fact, each one of us here at Beanbasket has received hundreds or thousands of backscatter spam messages at one time or another. The good news is that it stops after a few minutes or hours.

For information on how to manage your existing spam and virus filtering setup, please visit the page below.

To sign up for Spam and Virus Filtering or to create an SPF record, please contact us here.