Email Hosting

Professional Email Hosting for Business and Individuals


This website and the other Tuffmail websites use cookies. These websites will not be fully functional without storing cookies.

We do not use any tracking cookies

We do not use any third party analytics

You can review our plain text no nonsense cookie policy here .
No cookies for me, thanks
Yes, I like cookies
The Backscatter Problem
Backscatter is a message you receive informing you that email you did not send was not delivered to someone you do not know. This type of of message is called a Delivery Status Notification or DSN. In most cases DSNs are welcome because the sender usually wants to know when a message can not be delivered to the recipient or that delivery of the message has been delayed for some reason.

DSNs occur when an email system accepts a message for delivery and then the system determines that the message can not be delivered. Messages that are accepted must be delivered to the recipient or a DSN must be sent to the sender, or more specifically, the envelope return address, notifying the sender of the delivery problem. There are many possible reasons why a message that has been accepted can not be delivered but the most common reasons are that the recipient address does not exist or that the recipient's mailbox is full.

Backscatter occurs when a DSN is sent to an email address forged in a spam run or forged by a virus that propagates by email. Accepting a message and then sending a DSN to the possibly forged envelope sender address is just not an acceptable practice today. If the message can not be delivered it should not be accepted.

The Backscatter Solution - Signed Return Addresses
A Signed Return Address contains a cryptographic signature and a time stamp. When a DSN is received with a valid signature and the time stamp has not expired, the DSN is accepted and delivered. All other DSNs are rejected by the MX servers.

SRA can be enabled on a per address basis. The length of time that the signature is valid is configurable and the secret key used to sign the address can be changed if needed.