Backscatterer Network Spam List Is Another UCEPROTECT Extortion Scam!

By Garrett Blanton posted on Tuesday, May 4, 2010 - (General)

Share |

A few months ago I wrote an article about the UCEProtect network spam list and how their practices are extortion.

Well today, we’ve ran across another problem with UCEProtect! While troubleshooting a clients bounced email message, I ran a test for blacklist listings using MXToolBox.

Everything came back clean, except for one, backscatterer.org. This is a new one to us, so we did a little investigation. Visiting their website was déjà vu, it reminded us of the UCEProtect website, and as it turns out, they’re one of the same. Visiting their contact page you will see “BACKSCATTERER.ORG is run by the UCEPROTECT-Network”.

As it turns out Backscatterer is NOT a blacklist, It's a Sender Callout Abuser list! Nobody should be blocking mail based solely on data from a backscatter list. The only thing any mail administrator should do with this list is to use it when determining whether to flag a message as possible spam.

Since our clients mail recipient is using Backscatterer as a blacklist, we need our IP address removed. To have our IP address removed they want us to pay 50.00 € Euro's (EUR) to process our request and remove our IP. That's almost $67 dollars! This is totally unacceptable, and just as illegal as UCEProtect! The only other way to have your IP address removed is to wait 4 weeks after the last abusive action.

When visiting the Backscatterer contact page you can see just how professional the company really is.

“There should be no need to contact us:
We have heard all possible excuses why people think they can not stop their systems backscatter or doing sender callouts. If you have chosen to be a lazy or selfish netcitizen letting your system backscatter or doing sender callouts you perfectly match listingcriterias. Your recipients and we are tired of all the fake bounces, misdirected autoresponders and verify calls wasting our resources, and therfore you got blocked.

OUR BLOCKLIST - OUR RULES. NO ONE GETS A FREE RIDE HERE.

We don't make exceptions to our list, so it is futile and a waste of your time to contact us and ask for delisting.”

These statements make their company sound like a complete scam, how could a professional organization perpetuate such a business model? Why would any professional company associate themselves with Backscatterer?

If you are having mail delivery problems due to a backscatterer like us, you have our sympathy. We recommend not paying fees to anyone and addressing the matter with the mail administrators of the target mail server directly. We are sure they would be very interested to know that they are blocking legitimate mail based on a UCEPROTECT service.

AT JVF Consulting we recognize the effort of the list to inform mail server managers of any known RBL lists that contain their server names, but do not condone the use of it as a blacklist.

Tags:

Backscatterer, UCEPROTECT, Spam List, Scam

Comments (11)

By David posted on Tuesday, August 17, 2010 @ 5:06 AM

Have to agree - and their logic is not sensible either - If my mail server does not send and undeliverable reports, senders will not know they mis-typed and email address, or that a person has left.

Given HOW you get listed on their blocklists, you could be listed because one person types in a honeypot address into a webform on your site and your email auto-responder sends a message to the address given - bingo - listed for at least 7 days.

UCE Protect and Backscatter are just out to get as much money as they can. I'm surprised the German government is not investigating them.

By Carlie LaQuay posted on Friday, September 3, 2010 @ 10:51 AM

So bottom line CAN MY MAIL SREVER BE REMOVED from their list?

By pissed posted on Monday, October 11, 2010 @ 12:27 AM

Google is complicit in this extortion because they apparently block servers listed by backscatterer.org We [and all of our customers] were blocked with no justification or recourse.

Is this the NEW evil?

Beyond pissed....

By Alan Hardisty posted on Tuesday, February 22, 2011 @ 5:13 AM

The reason people end up on Backscatterer.org is because they are not Filtering Valid Recipients on their own server. If they were, then their server won't be responsible for sending an NDR message back to the sender, the sender's server is responsible.

If the message is sent from a spammer and the spammer forges the From address and the receiving server accepts and then rejects the message, then the receiving server (that isn't Validating Recipients) is the server responsible for sending an NDR message, and guess where that goes to - yep - the spoofed sender address.

So in short - if you end up listed on Backscatterer.org - it is because you are not filtering valid recipients on your own server, or if you use a 3rd party to filter spam for you, they are not filtering valid recipients and your server is sending out NDR Spam back to innocent users who never emailed you in the first place.

Don't whinge about paying for de-listing and being de-listed in the first place - configure your server correctly to filter invalid recipients and the problem will go away.

By Paul Randall posted on Wednesday, May 11, 2011 @ 7:40 AM

I'm sorry Alan, I have to disagree with everything you said. Do a little more googling and you will find that their have been plenty of false positives on backscatter.org and that they block entire IP ranges which means that you have to pay to get delisted even if it was another server on your IP range that was the culprit. And they list you because of bounce backs which is just ordinary email traffic as far as many mail-hosts are concerned.

Fair enough that if you get listed on an RBL you should look at why you are listed and if it is because of a bad configuration then fix it but it would be helpful if backscatter.org provided a detailed reason why you were listed in the first place instead of a list of possibles and the date and time of your smtp log entry (which might have rotated by then anyway).

And wouldn't it be nice if backscatter.org actually bothered to send the offending mailhost an email at the time of them being listed so they can minimise the issues caused by being listed a little earlier instead of getting notified by a customer who can't send email to one of their contacts.

As far as I am concerned Backscatter are being unreasonable with their charging policy with no warning and no actual detail as to why you got listed in the first place. They are just plain scammers!

There are plenty of good and ethical RBLs that you could use like spamcop and spamhaus who use donations to pay for their efforts. I suggest that all proper mail-hosts boycott the thieves at backscatter.org and their parent company UCE protect before they do any more damage and cause any more loss of earnings by legitimate hosts like us.

By fashion bags posted on Monday, June 27, 2011 @ 11:45 PM

As it turns out Backscatterer is NOT a blacklist, It's a Sender Callout Abuser list! Nobody should be blocking mail based solely on data from a backscatter list. The only thing any mail administrator should do with this list is to use it when determining whether to flag a message as possible spam.
I have to disagree with everything you said. Do a little more googling and you will find that their have been plenty of false positives on backscatter.org and that they block entire IP ranges which means that you have to pay to get delisted even if it was another server on your IP range that was the culprit.
I agree with you.

By mark gould posted on Wednesday, July 20, 2011 @ 3:08 AM

hello all, i was just wondering how to setup the recipient filter on exchange 2007

By SysAdmin01 posted on Monday, December 19, 2011 @ 4:20 PM

Backscatterer.org is a SCAM do NOT pay them any money unless you enjoy being ripped off.

No one uses them, who cares what they say.

IGNORE them, they will soon fade away like other criminals.

By Adam Reynolds posted on Saturday, December 24, 2011 @ 9:10 AM

These idiots who created this SCAM organization aka Backscatterer.org, email is far from perfect no matter who set it up.

It will be a cold day in Hades before I would give them 1 penny, much less contribute money to criminals.

False positives of 1 event is beyond utter madness, until they BAN all free email accounts, have a mandate RFC for 10+ character passwords utilizing numbers, symbols and letters. It will never stop, plus the fact these same people are probably running spam operations at shady hosting providers.

ANYONE can spoof the from and/or make it say anything except for the raw source.

People still do not have rDNS, SPF, domain keys and/or the other mechanisms so this is just extortion in the most hypocritical CRIMINAL ring on earth.

ENFORCE the RFC standards today that would help out, and get rid of weak passwords, enforce limits on amount of emails sent in 24 hours, shutdown criminal hosting companies.

By Someone else posted on Wednesday, December 28, 2011 @ 10:26 PM

There many reasons why a server would accept a message and reject it later on.
One obvious reason, is forwarding - a local user set his account to forward his mails to another, remote, email address.
The user's local mail system accept the mail and and tries to deliver it to the remote email address. The remote mailbox (mail system) responds with a transient (soft) error until the mail expires in the local queue and a bounce must be returned.

This is just ONE example of a valid reason - there are plenty more.

By Patrick Ramseyer posted on Tuesday, January 10, 2012 @ 12:10 PM

Hi, I got so fed up of claus Von Wolfhausen and UCEPROTECT (Backscatter.org) that I decided to set up a website advising people on how to deal with the whole issue..
It's fairly comprehensive and goes into a lot of detail .. check it out if you are stuck on their list.. there are guides to preventing backscatter on your mail server..
thanks. Patrick
http://www.stop-backscatterer.com