If you receive error messages in your mailbox for messages that you did not send to the recipient in question, this is called bounce spam. This can be very annoying.
In 1982, the SMTP protocol was developed for e-mail communication. Spam was not a major problem at that time, so there was no need to include security measures in the protocol. For this reason, the SMTP protocol does not check whether the sender actually exists on the sending mail server.
To probe how a security system works and to get around it, spammers usually use randomly generated addresses as senders. This lets them easily bypass simple spam filters that only check the sender against a blacklist, for example. Better spam filters check the sender and require that the sender's address actually exists. To get past those filters, spammers therefore need to use existing sender addresses.
How is a bounce message created?
If a mail server is configured correctly, it cannot actually cause bounce spam. Instead, the spammer's messages are rejected with a 5xx error code.
If a mail server is not configured correctly, a spammer can take advantage of this and try to send a message with your email address as the sender to an unknown recipient. The badly configured mail server accepts the message and tries to deliver it. The server then detects that the destination address does not exist and sends a bounce mail to your email address, because it incorrectly believes that you are the sender. Unfortunately, these bounce messages cannot be prevented because they originate from legitimate mail servers.
Domains with "catch-all" function
If a spammer detects that you have the "catch-all" feature enabled on your server, they can easily generate millions of bounce messages with different valid addresses. To prevent abuse of your domain, we recommend that you always deactivate this "catch-all" function.
To make your domain less attractive for this kind of abuse, you can create an SPF entry in the DNS settings of your domain. Signing your messages with DKIM can also help to make your domain less attractive to spammers.
Another way to avoid this type of spam is to add a special tag (Bounce Address Tag Validation, BATV) to your outgoing messages. A cryptographic token is attached to the e-mail address responsible for receiving error messages (the bounce address). This lets you identify whether a bounce message is actually the response to a message you have sent.
To use this method effectively, you need to use both the inbound and outbound filters for your domain. All outgoing messages must be sent via our outgoing filter servers, which send them with a signed bounce address. If a bounce message is then received for this address without the correct signature, it is rejected by the filter.
Please note: If you use BATV only for incoming messages and do not sign your outgoing messages accordingly, all bounce messages will be rejected by the filter. This also applies to legitimate reports.
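The signing and checking described above, as an added Python example (not the filter's own code). It assumes the "prvs" tag layout from the BATV Internet-Draft (key digit, expiry day, truncated HMAC-SHA1); the key, the seven-day lifetime and the function names are constructed for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # constructed key; a real one stays private to the filter
KEY_ID = 0                        # single key-number digit, allows key rotation
LIFETIME_DAYS = 7                 # assumed window in which bounces are accepted


def _tag(local, domain, day, key=SECRET):
    """Build KDDDSSSSSS: key digit, expiry day mod 1000, first 3 HMAC bytes as hex."""
    kddd = f"{KEY_ID}{day % 1000:03d}"
    mac = hmac.new(key, f"{kddd}{local}@{domain}".encode(), hashlib.sha1)
    return kddd + mac.hexdigest()[:6]


def sign_sender(address, today, key=SECRET):
    """Outbound filter: rewrite the envelope sender. 'today' is days since 1970-01-01."""
    local, domain = address.rsplit("@", 1)
    return f"prvs={_tag(local, domain, today + LIFETIME_DAYS, key)}={local}@{domain}"


def check_bounce_rcpt(rcpt, today, key=SECRET):
    """Inbound filter: return the original address for a valid tag, else None (reject)."""
    local, _, domain = rcpt.rpartition("@")
    parts = local.split("=", 2)
    if len(parts) != 3 or parts[0].lower() != "prvs" or len(parts[1]) != 10:
        return None  # untagged bounce: not a reply to mail we signed
    tag, orig_local = parts[1], parts[2]
    if not tag.isascii() or not tag[:4].isdigit():
        return None
    expiry = int(tag[1:4])
    # The expiry day is stored mod 1000, so compare in modular arithmetic.
    if (expiry - today) % 1000 > LIFETIME_DAYS:
        return None  # expired, or dated implausibly far ahead
    expected = _tag(orig_local, domain, expiry, key)
    if not hmac.compare_digest(expected, tag.lower()):
        return None  # forged or altered tag
    return f"{orig_local}@{domain}"
```

The untagged case returning None is the behaviour the note above warns about: if outgoing mail is not signed, every bounce fails this check, legitimate ones included.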