Bounce spam occurs when a spammer tries to send a spam message with your e-mail address in the sender field to an unknown address and it is rejected by the receiving mail server because the recipient does not exist. According to RFC, the receiving mail server then generates an error message (bounce message) and sends it to your e-mail address, as it assumes that you have sent this message. As the bounce message is sent by legitimate servers, such emails are very difficult to filter out. Understandably, this can be extremely annoying.
In 1982, the "SMTP" protocol was developed for communication via e-mail. At that time, spam was not yet a major problem, so there was no need to include security measures in the protocol. For this reason, the SMTP protocol does not check whether the sender actually exists on the sending mail server or not.
To test how a spam filter works and to bypass it, spammers usually use randomly generated addresses as fake senders. With this method, spammers can easily bypass simple spam filters that only check the sender against a blacklist, for example. With better spam filters, however, it is necessary for the sender address to actually exist, as they in turn check the sender. It is therefore important for spammers to use existing sender addresses.
If a mail server is set up correctly, it cannot actually cause bounce spam. Instead, the spammer's messages are rejected with a 5xx error code. If a mail server is not configured correctly, a spammer can take advantage of this and try to send a message with your e-mail address as the sender to an unknown recipient. The poorly configured mail server accepts the message and tries to deliver it. The server then realizes that the destination address does not exist and sends a bounce mail to your email address, mistakenly believing that you are the sender. Unfortunately, these bounce messages cannot be prevented as they originate from legitimate mail servers.
If your mail server accepts messages for all email addresses of a domain, the so-called "catch-all" function is activated. This means that no matter which prefix you use before the @ sign of an e-mail address, the message will always be accepted by your mail server. This has the advantage that you do not have to create a mailbox for every address that you want to work.
However, this function also has a major disadvantage. If a spammer discovers that you have activated the "catch-all" function on your server, he can easily generate millions of such bounce messages with different valid addresses. To prevent abuse of your domain, we strongly recommend that you do not use this "catch-all" function.
In order to reduce the attractiveness of your domain for such an abuse, you can make an SPF entry in the DNS settings of your domain. Signing your message with a DKIM certificate can also help to reduce the attractiveness of your domain for spammers. More informations about SPF and DKIM can be found in our FAQ articels "What is a SPF entry and how must it be designed?" or "What is DKIM and why should I use it?".
Deutsch
Arabic
Armenian
Bosnian
Bulgarian
Croatian
Czech
Danish
Dutch
Estonian
Finnish
French
Georgian
Greek
Icelandic
Italian
Latvian
Lithuanian
Luxembourgish
Macedonian
Norwegian
Polish
Portuguese
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Turkish
Ukrainian