Tuesday, February 4, 2014

Backscatter

Backscatter (also known as outscatter, misdirected bounces, blowback or collateral spam) is incorrect automated bounce messages sent by mail servers, typically as a side effect of incoming spam.

Recipients of such messages see them as a form of unsolicited bulk email or spam since they were not solicited by the recipients, are substantially similar to each other and are delivered in bulk quantities. Systems that generate email backscatter can end up being listed on various DNSBLs and be in violation of internet service providers' Terms of Service. Backscatter occurs because worms and spam messages often forge their sender address, and mailservers configured by naive administrators send a bounce message to this address.

Measures to reduce the problem include avoiding the need for bounce message by doing most rejections at the initial SMTP connection stage; and sending bounce messages only to addresses which can be reliably judged to have not been forged.

Contents

1 Cause
2 Reducing the problem
2.1 Preventing email address collection
2.2 Connection-stage rejection
2.3 Checking bounce recipients
2.4 Filtering backscatter
3 See also
4 References
5 External links

Cause

Authors of spam and viruses wish to make their messages appear to originate from a legitimate source to fool recipients into opening the message so they often use web-crawling software to scan usenet postings, message boards, and web pages for legitimate email addresses.
Due to the design of SMTP mail, recipient mail servers receiving these forged messages have no simple standard way to determine the authenticity of the sender. If they accept the email during the connection phases then, after further checking refuse it - for example because they believe it to be spam they will use the (potentially forged) sender's address to attempt a good-faith effort to report the problem to the apparent sender.

Mail servers can handle undeliverable messages in three fundamentally different ways:

Reject. A receiving server can reject the incoming email during the connection stage while the sending server is still connected. If a message is rejected at connect time with a 5xx error code then the sending server can report the problem to the real sender cleanly.

Drop. A receiving server can initially accept the full message, but then determine that it is spam, and quarantine it - delivering to "Junk" or "Spam" folders from where it will eventually be deleted automatically. This is common behaviour, even though RFC 5321 says: "...silent dropping of messages should be considered only in those cases where there is very high confidence that the messages are seriously fraudulent or otherwise inappropriate..."

Bounce. A receiving server can initially accept the full message, but then determine that it is spam or to a non-existent recipient, and generate a bounce message back to the supposed sender indicating that message delivery failed.
Backscatter occurs when the "bounce" method is used, and the sender information on the incoming email was that of an unrelated third party.

Reducing the problem

Every step to control worms and spam messages helps reduce backscatter, but other common approaches such as those in this section also reduce the same problem.

Preventing email address collection

It is common to attempt to obscure email addresses in a manner that is not easily machine-readable. Several methods are available, such as simply not using a standard text format (john (at) example.com) or using a bitmap image of the address rather than raw text. More complex address obscuration methods are available, such as encoding the addresses using a substitution cipher, embedded as program code within a tiny javascript or Adobe Flash program for each address, which when clicked, opens a temporary window and sends the decoded mailto: address to the local email client, but all such obscuration methods can potentially be attacked by spammers in the same manner as CAPTCHAs.

Connection-stage rejection

During the initial SMTP connection mailservers can do a range of checks, and often reject email with a 5xx error code while the sending server is still connected. Rejecting a message at the connection-stage in this way will usually cause the sending MTA to generate a local bounce message or Non-Delivery Notification (NDN) to a local, authenticated user.
Reasons for rejection include:

- Recipient validation
- Anti-forgery checks such as SPF, DKIM or Sender ID
- Servers that do not have a forward-confirmed reverse DNS entry
- Senders on block lists.
- Temporary rejection via greylisting methods

Mail transfer agents (MTAs) which forward mail can avoid generating backscatter by using a transparent SMTP proxy.

Checking bounce recipients

Mail servers sending email bounce messages can use a range of measures to judge whether a return address has been forged.

Filtering backscatter

While preventing backscatter is desirable, it is also possible to reduce its impact by filtering for it, and many spam filtering systems now include the option to attempt to detect and reject backscatter emails as spam. In addition, systems using schemes such as Bounce Address Tag Validation "tag" their outgoing email in a way that allows them to reliably detect incoming bogus bounce messages.

© Wikipedia, the free encyclopedia

Song Chun

How is life with you over there?

Please considering the fact that I sourced your email from the peoples search database on the web during my discrete search for a foreign partner whom can assist..My name is Mr. Song chun; I am the Head of Operations at Dah Sing Bank, Hong Kong. My business proposal for you is to assist me transfer US$12.8 million from my bank in Hong Kong to a foreign bank if willing. After the successful transfer,our sharing ratio will be 40% for you and 60% for me.

This money was deposited by my client Mr. Yoshi Yuu, who lost his life along with his family in the massive Earthquake and Tsunami disaster that destroyed avast area of Japan on the date 11th March 2011. According to the law in my Country, after nine months the Hong Kong Government would come for the funds if nobody applies to claim the money. Should you be interested, please respond immediately to my private email:(song_chun78@accountant.com) with the following information for documentation purpose by the attorney:

Your Complete Name:
Current Residential Address:
Mobile/cell Number:
Your Occupation:
Your Age and Sex:

I look forward to hearing from you.

Best Regards,
Mr. Song Chun

Mr Adnan Khashoggi - Charity/Investment Project

My name is Mr Adnan Khashoggi, a merchant in Saudi Arabian . I have recently been diagnosed with Esophageal cancer, which has defiled all medical treatment. Expert diagnosis has shown that I have few months to live.

The intention of this email is to employ the expertise of a business entrepreneur, who can identify a viable investment and guarantee reasonable returns on my wealth. I cannot rely on his closest relatives any more, as they did not show responsible behaviour two years ago when I entrusted half of my wealth to them to invest on his behalf. They thought I wouldn't survive the operation and then used the money for their personal needs.

The last of my money which no one knows of is the huge cash deposit of USD$75 Million dollars. I will want you to help me collect this deposit,I have set aside 10% for your time and effort.

To prevent any more mishaps, my attorney will act as a check, monitoring every aspect of the investment. Funds should be split in half and distributed to charity organisation and the other half, as investment for my son.

If this interests you, please reach me on this email address: adnan.khashoggi@aim.com to discuss terms and compensation.

Kind regard

Mr.Adnan Khashoggi.

From Microsoft NI - re: claim

Winner No. 009,

It is obvious that this notification will come to you as a surprise but please find time to read it carefully as we congratulate you over your success in the following official publication of results of the E-mail electronic online Sweepstakes organized by Microsoft Corporation, in conjunction with the foundation for the promotion of software products, (F.P.S.) held in Amsterdam- The Netherlands. A Payment of 815.810.00 Euros ( Eight hundred and fifteen Thousand, Eight Hundred and Ten Euros only ) will be paid in your name.

It is important to note that your award was released with the following particulars attached to it.

(1) File Number: MS1267-2014
(2) Grant Number: MIWT/11846563459/266
(3) Ref. Code: KB23/857/MCL5 /CO

Forward The above Information as Listed to Microsoft Agency NL.

Microsoft Group Agency NL:
Director: Dr.David Bengal
Contact Email: msoftagency@aol.com
Tel: +31 659 216 095

Soon as the Above Information is received through E-mail to: msoftagency@aol.com , your payment will be processed and paid to you.

Sincerely,
Mrs. Angela Banks

Director Of National Warehouse - From The Desk Of : Dr. Paul Hanson

Hello Sir / Madam!!!

Firstly, I wish to introduce myself as a sympathizer of your situation. I am the Controller of Fund Movement Terminal and Director of national warehouse where abandoned fund/valuables consignments are dumped.

This is to inform you that fresh arrangement was made by me to conclude the shipment of your consignment of funds to your country. I choose to do it and make sure it has left the shores of Ghana already before contacting you. I found out that this consignment has been lying here because of lack of contact and none payment of delivery cost This is why I decided to use my connections as the Delivery/Shipment officer in charge of the National Security warehouse. (This is where all the abandoned consignments in Ghana are kept at the orders of the Government of Ghana for seizure or destruction.

Therefore, this letter is highly confidential and top secret. For this reason,you must not inform anybody about this letter or my contact with you. You must keep my relationship with you to be topped secret and highly confidential because as I have arranged your consignment to the Diplomatic Security Company in Ghana where the delivery will come from to your house, so no one must know so that the fund will not raise an eye brow.

CONDITIONS OF THIS DELIVERY

1. You must keep my relationship with you highly secret/confidential.
2. You must not expose all the above information to anybody.
3. You must be willing to act fast on any information, directives and advice from me and the Diplomatic Security Company in Ghana.

Note: I know the content of the Box because I could see the amount you are being owned by the Federal Government of Ghana as an inheritance. This is why I decided to get involved. You must also know that this arrangement do not concern all the people that you have had contact with in Ghana before today as this consignment/Payment has been surrendered to the Government, Hence my involvement.

As soon as I receive your response, I will give you more details on the way of such arrangements and I will also give you the full contact information of the Diplomatic Security Company in Ghana as soon as you have contacted me.

Therefore, further details will be furnished to you as soon as I receive your reply.

Yours Sincerely
Dr. Paul Hanson
Director Of National Warehouse

PAYMENT VIA ATM MASTERCARD WITH PROOF OF OWNERSHIP

ATM MasterCard Department, Zenith Bank Plc

Attn: Beneficiary

Due to your over-due fund which you have been finding it difficult to receive through a Bank Draft, Bank to Bank Wire Transfer and Western Union Installment Payment arrangements. A meeting was held last weekend as to the problem surrounding the Remittance of your fund, and after all deliberation, the Panel Agreement was to load your fund into a worldwide accessible ATM MasterCard from zenith Bank Plc to you.

The Panel has approved to send you an International Swift (ATM MasterCard) total sum of $2,500.000.00. (Two Million, Five hundred Thousand United State Dollars) Which you are to use in accessing your funds in any ATM Machine location Worldwide with a limit withdraw of $5.000.00 until you complete the total amount loaded.

Be inform that your ATM MasterCard an its papers has been sealed and handed over to our ATM Admin director, Mr Anthony Morrison. He will attache the Proof of Ownership Certificate and the Approval Letter of your funds Via ATM MasterCard with Zenith Bank Plc. Before processing your shipment for usage.Also, according to the shipping arrangement with the Fedex courier service,the director on behalf of zenith bank estimated $250.00 for the shipping security papers an all vital requirement needed to execute this delivery to you for pick up.

Reconfirm the bellow information to start processing your shipment with immediate effect

(1) Your Full Name :
(2) Full Residential Address : (P.O.BOX NOT ALLOWED)
(3) Direct and Current Phone :
(4) Present Country :
(5) passport identification:

Once your details is been received by the Swift zenith ATM Card Center, Mr Anthony Morrison will attache your vital document and further instructions to secure your card and its tracking number from the courier service to your door step. Please endevour to see the vital papers in your name from zenith bank first,before remitting the courier shipping fee for pick up.

Please be regular with your email so we can use 1week to confirm your payment ATM MasterCard with you so you can start usage immediately

Thanks for your co-operation.
Tel-Number: +234-809-227-3438

DAVID C. LEE - RE:VERIFICATION

Hi,

I am David Lee the newly appointed United Nations Inspection Agent in JFK Airport New York. During our Investigation, we discovered An abandoned shipment on your name through a Diplomat from London. which was transferred to our facility here in JFKennedy Airport and when scanned it revealed an undisclosed sum of money in a Metal Trunk Box weighing approximately 55kg each.

I believed each of the boxes will contain more that $4M or above in each and the consignment is still left in storage house till today through a registered shipping Company, Courier Dispatch Service Limited a division of Tran guard LTD. The Consignment are two metal box with weight of about 55kg each (Internal dimension: W61 x H156 x D73 (cm). Effective capacity: 680 L.)Approximately.

The details of the consignment including your name the official document from United Nation office in London are tagged on the Metal Trunk box.If you want us to transact the delivery for mutual benefit, you should provide your Phone Number, full address, to cross check if it corresponds with the information on the official document, also you should provide the name of nearest Airport around you and other details to me for onward delivery.

I want us to transact this business and share the money, since the shipper have abandoned it and ran away.I will pay for the Non inspection fee and arrange for the boxes to be moved out of this Airport to your address, Once we are through i will deploy the services of a secured shipping Company geared to provide the security it needs to your doorstep or i can bring it by myself to avoid any more trouble. But we will share it 70% for you and 30% for me. But you have to assure me of my 30%.

Do respond to me through my direct email : davidlee2014@usa.com for more details.

Best Regards,

DAVID LEE
INSPECTION OFFICE
347 779 9593

LOUIS MIGAN - VERY IMPORTANT

Attention:My dear Friend.

Do accept my sincere apology if my mail does not meet your personal ethics.

Please I want you to kindly receive for me the sum of 5 Million euros in your bank account for investment purpose. I am interested in investing this money in your business or any one of your choice for a period of six years under your management and supervision. This money will be wired into your account when once you inform me you will be my partner and all documents will be changed into your name immediately as the beneficiary of these funds. I apologize if this mail does not suit your personal or business ethics. The funds are available as genuine and will be released after you have shown proven interest in your response to this proposal. Also let me know your Country's tax laws in relation to direct foreign investment. I will give you 35% from the total money of 5 Million and additional 10% profit from the dividend on any investment the money is placed upon. After hearing from you, I will furnish you with more details on the next step forward.

Thanks and best regards,

Mr. Louis Migan

Please you can reach me through this email address louismigan@yahoo.co.nz

E-mail leaked... : Longschott@aol.com,Loretta.Gonzales@ymail.com,Lorilie56@aol.com,Louinne@lbox.co.za,LovecatsCat@aol.com,LoyalGal@Juno.com,Lrasmus294@charter.net,LuxuryHomeBuyers@aol.com,Lyn@LynRennicksAMPSsociety.co.uk,MACKIESMOMMY@YMAIL.COM,MAUELECT@AOL.COM,MDalide@the-poison-pen.com,MHJMD@triad.rr.com,MIKE9720@COMCAST.NET,MIKEFGOTTI@AOL.com,MOMLUVKIKI@AOL.COM,MOTORIZED@I-35RVCENTER.COM,MOVIENMORE_04@msn.com,Mail@legitbusinesses.ws,Mail@pleasantdream.com,MandyCTWP@aol.com,Marcus.Barber@MLBConsultingGroup.com,Maremerchant@live.com,Marge7588@aol.com,Marioph123@aol.com,Mastervampirelestat1@msn.com,Mayers3395@aol.com,MedCreden@aol.com,MervynJay@googlemail.com,MichaelSanchez@mail.com,Michaelrcameron@aol.com,Michellemcda0717@aol.com,MickiesTolehouse@aol.com,MikeBelt@ymail.com,Mistersqueegee@ymail.com,Mnagnes11@aol.com,Monikamar@msn.com,Monirul79@hotmail.com,Monlag@aol.com,MontariBrooklyn@live.com,Mr.StreamGuy@hotmail.com,MrZurvita@NeoiCafe.com,MyRealtorCindy@comcast.net,NHorkan@consumersdiscountrx.com,N_garner@sky.com,Ngiam_teelim@yahoo.com.sg,Nicolae.Buzaianu@NicolaeBuzaianu.eu,NinaHollander@carolina.rr.com,Noah.Griesbach@jourisandhorton.com,Nupps@ymail.com,Nutritiondoctor@hotmail.com,OCAutoAccess@gmail.com,OCEANPEARL@GMAIL.COM,OOsorio@excite.com,OTRTOURS@GMAIL.COM,Ocdmad2011@hotmail.co.uk,OnlineSecurityAuthority@comcast.net,PAULB1470@COMCAST.NET,PRGillings@aol.com,PRYMETYMEXESS@YAHOO.COM,PSKYRLAS@YAHOO.GR,PUNITR_SHARMA@HOTMAIL.COM,Pan-n-Pooh@comcast.net,Pat_LaPointe@msn.com,Patrick.Flaven@Gmail.com,Patt@PattWardlaw.com,Paul.Kindervater@GMAIL.COM,Pauline@creativecraftdesigns.com,Pedersen1984@msn.com,Peggyt1@aol.com,PeterYearsley@Yahoo.co.uk,Peteroyakhire@usa.net,Petsitting2011@aol.com,Philip.Alcock@Verizon.net,Phone-Lovers@inbox.com,PhysiciansCanada@sympatico.ca,Pilch1@ntlworld.com,PoeticReasoning@gmail.com,Postta66@yahoo.com,President_tech@yahoo.com,Princeamillion85@yahoo.com,Prof@Gripalite.com,Punjabiramesh47@yahoo.co.in,PureHoodia@msn.com,QUOTEMASTERPLUS@YAHOO.COM,Quality-e-Companies@comcast.net,Quin728@hotmail.com,R7kng@aol.com,RADIATORS@HOTMAIL.COM,RAGrace@Verizon.net,REDHOUSE1981@AOL.COM,REGINAAHARDING@GMAIL.COM,RENTON_JIM@YAHOO.COM,REWLEEDEW@YAHOO.COM,RGHOMEDECO@YAHOO.COM,RI9ANGL@AOL.COM,RIZWAN@AMICAINC.COM,RJC@creecyphotography.com,RUTH@NHINSPIRE.COM

A REPORT ON YOUR DEALING WITH IMPOSTORS VIA THE INTERNET.

FORCE HEAD QUARTERS
FRAUD COMPENSATION UNIT,
IN AFFILIATION WITH CENTRAL BANK OF NIGERIA
LOUIS EDET HOUSE
SHEHU SHAGARI WAY
P.M.B 266
ABUJA, NIGERIA
EMAIL : [ thenigerian_policeforce@rocketmail.com]

MOTTO : TO SERVE AND PROTECT WITH INTEGRITY
FROM THE DESK OF INSPECTOR GENERAL OF POLICE
FEDERAL REPUBLIC OF NIGERIA

Attn: Honorable Beneficiary,

A REPORT ON YOUR DEALING WITH IMPOSTORS VIA THE INTERNET.

On behalf of the NIGERIAN POLICE FORCE, i MR MOHAMMED ABUBAKAR (Inspector General of Police) to the Nigerian Government wishes to pass this message across to you. The in Affiliation with CENTRAL BANK OF NIGERIA have agreed to compensate all scammed victims from any part of the world with the average sum of USD$8 Million for self support depending on the amount lost in the act This is regarding the draws organized lately to help individuals whom have lost their earnings in this act. And to build mutual relationship with foreigner, countries and organizations to prevent this act of extorting money from you using the names of cream of the Nigerian society. I apologize on behalf of the NIGERIAN POLICE FORCE for any delay you might have encountered in receiving your fund in the past, am very sorry for any inconvenience that these might have caused you and i want to use these medium to assure you that your fund will be released to you along with the fund that you lost to those hoodlums. The Embassy and that of the Western Union Office made me to understand that you have been very co-operative, they forwarded to me the-mails that you sent to them today and i must tell you at this point that you should have reported the issue to the Nigeria police before you started sending money to Nigeria. We are on top of the situation and i know that those involved in this act will be brought to justice for given this great country a bad influence all over the world, Your funds will be released to you via the Central bank of Nigeria under the governorship of Prof Sanusi Lamido Sanusi who is the present governor of the C.B.N. As soon as you have established contact with me and that all you told us is real and confirmed, i will send you is protocol so you can contact him and deal with him directly under the watching eyes of the Nigeria police, the F.B.I and the E.F.C.C without any upfront fees. Please get back to me with the bellow personal information for verification records update and references:

Full Name.............................................. .......
Country of Origin............................................ .
Country of residence......................................... .
Age .................................................. ........
Occupation........................................ ............
Marital Status............................................ ....
Present contact address.......................................
Direct Telephone number.......................................
Scanned copy of international passport........................
Scanned copy of drivers license...............................
Scanned copy of work Id.....................................

As soon as i receive these information from you, you will be directed to the C.B.N governor for the release of your compensation fund of $8 Million (USD). will be released to you as soon as we make our verification that you are whom you say you are and that the information which you gave us about being scammed is correct. Call me as soon as you get this e-mail for confirmation of e-mail. Remain blessed in Jesus name.

Making the world a better place!
Signed and endorsed.

Regards,
MR MOHAMMED ABUBAKAR
INSPECTOR GENERAL OF POLICE.

This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

Therese Diggs - High quality rpelica wtach, meticulous in design and exquisite in style, is affordable and really great choice.

Do not buy cheap-looking rep iqz lic vxs as even if you will be offered very a low pri zuu ce as they will not last long. We have also a live support on phone line available for customers to contact us and provided money refund or resh ynd ipping in case you are not satisfied or have receive a dam vmu aged wa vgv tch.

Wonder why Pr rx est skh ige Re smt pli fwd cas are number 1 rep qd lica wa ev tch hn es online? Because there is no difference between them and the real ones except the price. We use identical materials and finishing to the original brand name wa rfj tch ppk es, such as genuine Sapphire Crystal, genuine solid stainless steel, and 99.9% accurate marPrestiges, finish and weight. We answer for the quality!

There is no limit to the number of products you may order.

Click here! ... http://*******.ru

15% DISC kdz OUNT FOR EVERY $250 OR MORE OR bzs DER!!!