Wornex International Email Services: forwarding & backscattering

What is backscattering?

Backscatter (also known as outscatter, misdirected bounces, blowback or collateral spam) is caused by automated bounce or forwarded email messages sent by one mail server to another, typically as a side effect of incoming spam.

What is email forwarding?

It's not uncommon for clients to ask us to forward mail from their own domain to an external email address, for example: gmail.com.

The path of an email sent from Sender to user@domain.com and forwarded to user@gmail.com would be:

Sender -> FROM: user@domain.com -> TO: user@gmail.com
This will work fine, until spam comes into the picture.

The issue with spam is that if spam is not correctly identified, or the Sender's email is whitelisted, Wornex email servers will forward (relay) spam to another provider, i.e. gmail.com. Gmail.com could then think the spam is originating from Wornex, and not from the original Sender. Thus Wornex will get its IPs blacklisted from gmail.com (even though the spam came from somewhere else).

Another issue is that, if Gmail then thinks that the message is spam, it may be refused (bounced) at the gmail server, thus returning it back to Wornex mail servers to figure out what to do with. Since the Sender is not managed by Wornex, and the final recipient is Gmail (which refused to receive such email), Wornex tries to send an error message to the original Sender. This mail error mesage generated by Wornex is delivered to an email address that is most likely fake/spoofed (mail headers or From address of Sender can be very easily spoofed). This causes "backscatter", where mail servers return a message to an address that was not the actual sender. This backscatter is also a potential hazard to getting our IP blacklisted by mail servers of the "Sender's spoofed email address.

Why Wornex does NOT forward email to external domains?

While backscattering can be easily managed when forwarding occures from one Wornex email server to another mail server also managed by Wornex (or from one mailbox managed by Wornex to another mailbox also managed by Wornex) other email providers who see spam messages received by our customers and forwarded to their mail servers, see them as a form of unsolicited bulk email.

When forwarding spam received by Wornex to another provider mail system, the other provider may enlist Wornex IPs on various Blackhole Lists (RBL), and this may block Wornex customerst to send legitimate email to other providers as well. backscattering generated by email forwarding can block all legitimate email of our customers from being sent by Wornex mail servers.

Conclusions

In order to keep our IPs clean and not to be subject to blacklisting either by the "Sender" and by the "Forwaded-to" email servers, Wornex policy does not allow forwarding of email to domains whose MX records (i.e. incoming mail servers) are not managed by Wornex.

Mail forwarding can be ordered only if both the Recipient and Forwarded-to email addresses are managed by Wornex.

Further references:

   




For more information please contact: support@wornex.com
© 2016- Wornex International (Ireland), Dublin, Ireland - All rights reserved - Wornex International (Ireland) is a business name registered by Milano Ventures Ltd., registered in Dublin, Ireland, no. 593079 - Tel. +353 1 9069231 - Privacy policy