Educause Security Discussion mailing list archives

Dealing with s-p-a-m "backscatter"


From: Jeff Giacobbe <giacobbej () MAIL MONTCLAIR EDU>
Date: Tue, 15 Jul 2008 22:42:03 -0400

Colleagues-

Like many of you, we have been experiencing an increase in spam-related
"backscatter" (non-delivery notifications sent to the victim of a
spoofed email address).

The incidents are still few in number, thankfully, but when they do
occur to one of our users they often receive *thousands* of non-delivery
notifications, usually within a 24hr period. The onslaught of messages
is not only a nuisance but is often crippling to the victim as they wade
through all that junk in their Inbox.

I have followed various discussions on this topic but so far have not
seen a clear solution other than simply blocking all inbound
"non-delivery" notifications (and presumably other related SMTP
diagnostic messages) at our gateway. While that would certainly fix the
immediate problem, it would also mean legitimate non-delivery messages
(i.e. a simple typo in an address) would never get sent back to our users.

Has anyone come up with a more creative way to block the spam
backscatter while allowing the legit non-delivery SMTP notifications to
come through?

Thanks,

Jeff Giacobbe
Director of Systems, Security, Networking
Montclair State University
