Added about 1 month ago
This is rare spam attack. The spammers are faking error messages.
For example if you send a real message but the recipient has a full mailbox then you ll get an error message to tell you the recipient was over quota.
The back scattering attack is about faking those messages and attach the spam to the error.
The mail RFC says that those error message have to be sent by an empty mail address.
Most of the time, they will have a subject like
T="Mail delivery failed: returning message to sender"
You can have a more detailled description of the attack here :
The only way to stop those messages it is a feature at user level. The user has to log on his/her MailCleaner user page and change his/her preference for the "Retain error messages " setting.
Once this is done the user wont get errors messages anymore (including the real ones).
Such attacks usually last only 3-4 days, so the user will need to change this setting back to normal after a few days via :
Configuration->Adrdress settings -> Retain error message
Note : Administrators can connect to ths private user page via
Management-> users->choose user->Actions-> Open user's interface
and change the setting for the user.