Here's my latest tally of backscatter received from Barracuda firewalls since 2007-09-16:
1940 messagesAccording to the press releases, Barracuda says 95% of email being sent is spam. According to most people's experiences, 100% of spams have forged "from" addresses. The success of their firewall product, and the continual increase in spam are probably the reasons for an increase in email backscatter. Sadly, too many Barracuda Spam Firewall customers still enable auto-replies for spams that get blocked.
When I get such backscatter, it's easy to fight back with an auto-reply of my own (thanks to Thunderbird's filters). Several Barracuda Spam Firewall customers have replied to me when I (automatically) contacted them about their firewalls creating backscatter.
Here are a few of those relatively rare, yet encouraging replies. I have left out the names of the individuals involved for privacy reasons:
date: Dec 21, 2007 6:02 AMNext is an example of a depressing response, which shows an administrator who is clueless about the damage she is causing the rest of the users on the internet. Her suggestion is that I just block her bounces...
subject: RE: Please configure your spam firewall to stop bouncing spams to me
First of all, sorry for the inconvenience and we thank you your advice.
We have changed the wrong configuration parameter.
Please, let us know if you receive still bouncing spams in the next days.
Date: Dec 3, 2007 8:17 AM
Subject: RE: Please configure your spam firewall to stop bouncing spams to me (was: **Message you sent blocked by our bulk email filter**)
Sir –
Thank you for the information. I would have never known about this problem without your email. I have made the recommend changes on my Barracuda filter.
date: Nov 28, 2007 12:11 AM
subject: RE: Please configure your spam firewall
The suggested changes have been made. Thanks for the heads up.
date: Oct 31, 2007 1:48 PM
subject: RE: Please configure your spam firewall to stop bouncing spams to me (was: **Message you sent blocked by our bulk email filter**)
Sorry for the inconvenience, I disabled the feature
Thanks, there is enough crap going around, no use having it bounce around on top of that
date: Oct 29, 2007 7:22 PM
subject: RE: Please configure your spam firewall to stop bouncing spams to me (was: **Message you sent blocked by our bulk email filter**)
Please accept our apologies for any trouble caused by backscatter originating from our Barracuda. We have disabled the notifications that were causing the messages to be sent.
Thanks!
date Dec 7, 2007 7:31 AMDon't you like how she turned it around as doing us all a service! My response to this nonsense got escalated to the VP of IT in her company, who wrote me a message that was very defensive, to which I replied below:
subject RE: Please configure your spam firewall to stop bouncing spams to me (was: **Message you sent blocked by our bulk email filter**)
Thanks for your email. We understand your frustration with receiving notifications of spoofed emails forged with your address. However, the notifications serve a purpose to alert you that: 1) someone is using your address to send spam; 2) alert you that you might be infected and are sending potentially infected emails.
If you feel that you are receiving too many false positives from our Barracuda, please feel free to add our domain to your blocking list.
Hello,Funny, this "VP" never wrote back. Perhaps he's still trying to figure out how to turn off the auto-reply feature of their Barracuda Spam Firewall - maybe he's asking his underlings what a log file is?...
On Dec 7, 2007 9:20 AM, (Anonymized) wrote:The next time you want to criticize someone, slap some credentials behind your name.Who says credentials are necessary to say that your Barracuda is spamming me?!
I'm complaining about the spam your Barracuda is sending to me because you've enabled the feature that most people recognize as abusive. Just Google it! I won't be the only person who is upset about this. If you want credentials to back up what I'm saying, you're just being ignorant and not listening. Again, if you don't trust me, try Google:
http://www.google.ca/search?hl=en&q=barracuda+backscatter&btnG=Google+Search&meta=
I have sent many, many, many complaints to Barracuda owners about this problem. When I get a response, it's one of the following:
1) Thank you for pointing this out to us, we are correcting the problem.
2) Backscatter isn't my fault. Too bad for you.
3) postmaster does not exist.
Since you're a VP, I trust you know which one is the more professional and customer-oriented. Yes, I'm holding you to your credentials!I assure you we have better things to do with our time than pick on someone like yourself, and send them bogus emails telling them that they might be infected. Gmail supports an outlook interface which is a commonly targeted service for spammers, have you considered the fact that someone, yes someone malicious may have in fact cracked your password and might be using your account.This is a possible explanation, but there are no facts to support my Gmail has been hacked.
I have already more than 30,000 backscatter emails, and I found out how it works. I am not the only one who's a victim of this kind of spamming problem. If you check your Barracuda logs, I'm willing to bet you'll find it's bouncing spams to other people.
Finally, here's the most common response I get when I reply to Barracuda backscatter (the domain example.com is used below, but it will be something else depending on the Barracuda box that sends it out):
This is an automatically generated Delivery Status NotificationThis shows that Barracuda Networks are not doing a great job at having customers set up their boxes properly. Pert near all of these domains end up getting a listing for being RFC-ignorant with respect to postmaster. I don't have a count yet, but it's got to be over 100 domains that I've reported there, "thanks" to the Barracuda backscatter from their poorly configured appliances.
Delivery to the following recipient failed permanently:
postmaster@example.com
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 13): 550 <postmaster@example.com>: Recipient address rejected: No such user (postmaster@example.com)
p.s. A more rare event is that sometimes a Barracuda Spam Firewall actually blocks my automated response to its backscatter, claiming my request for them to stop bouncing spams to me is itself a spam! Although telling me that my request was blocked isn't backscatter, it will get them listed as being RFC-ignorant. They're blocking requests to the postmaster address.