Getting Flooded by Mailer-Daemon and Postmaster addressed email (BACKSCATTER)

  • 7020932
  • 15-Apr-2008
  • 07-Aug-2017


GWAVA 4, 5, & 6


Email system is flooded with Mailer-Daemon and Postmaster email


These emails are most likely caused by "Backscatter". This is a common term used to describe undeliverable messages generated by an SMTP server. It is important to understand that these emails are not typically spam. Rather they are legitimately created email messages generated by a compliant SMTP server. The most likely cause is a spammer originated the message, sent it to an open relay or SMTP appliance of some sort, and faked the reply address using a dictionary attack or some other means. When the SMTP relay/appliance attempted deliver to the correct address and was rejected, the only address it could go on to send an undeliverable message to was the reply address. Meaning that the mailer-daemon message created by the SMTP server is sent to you, an unsuspecting email address, rather than the real originator.

For more information about backscatter and ways to avoid it, try the following link or search "backscatter" on your internet search engine.

Additional Information

This article was originally published in the GWAVA knowledgebase as article ID 228