2
Can we protect against email bounce attacks?
Question asked by YS Tech - 7/21/2024 at 3:35 AM
Unanswered
This is becoming more of a problem.
Do we have a way of setting up a bounce attack prevention seed or is there a setting already in SM that I'm missing?

2 Replies

Reply to Thread
0
Douglas Foster Replied
I have a commercial product that does BATV encoding to detect false bounces, but it catches nothing.    That product only detects a bounce if the message includes a Return-Path header pointing to the recipient domain, and lacks the BATV pointer.    The attack messages do not have that header, and my product assumes that some legitimate messages may have a null sender without being a bounce.

Defenses against both null sender attacks and *.onmicrosoft attacks were discussed together on this topic from January:

I recommend configuring an Incoming Gateway to do your spam filtering, using a product that has more features than SmarterMail provides.   My installation uses Declude.  I embraced it because of the flexible rules engine that supports multiple-attribute rule, and the abillity to extend its features with callouts to external programs or scripts.  If you have a server avaiable to run the gateway software, MailsBestFriend can get you going pretty quickly on Declude (old product) or Declude Reboot (its replacement) at modest cost.    

Awhile back, I put together a review of the SmarterMail anti-spam features, because I found the documentation inadequate.   That write-up is here:

Hope this gives you some options.
0
YS Tech Replied
Thanks Douglas, I do use declude (old version). So I'll have a look at that.

Reply to Thread