While we have seen a 150% increase in overall spam, specific spam tactics are seeing huge increases as well. The latest trend in spam appears to be email messages that spoof non-delivery reports (NDRs), the messages users receive when their email bounces back because of a non-existent email address or a system failure.
NDR messages are usually legitimate, but this mail server function is being exploited by spammers using the sender’s real name. Spam content is sent as an attachment to the fake NDR.
Since most NDRs are legitimate emails and part of the mail server functionality, many traditional email filtering techniques do not detect or block them, he said.
Spam now makes up close to 90 percent of all global email, representing billions of spam messages each day. Most spam is generated automatically through botnets – networks of PCs that have been taken over by attackers.
What does Warning – Reverse DNS does not match SMTP Banner mean?
The short answer is that the reverse DNS name of the IP address is not contained in the server HELO or EHLO banner. In the example below, the string “someotherdomain.com” is not found anywhere in the server banner, which is reporting “example.com”. This is only a warning, and in some cases you may have no control over this. However, if you have the ability to make these match, you should. Some mail servers look for this and use it to mark messages you send as questionable. Most mail systems will not reject your messages outright, but this may affect your spam score, increasing the likelihood that your messages will be marked as spam.
In other words, it is a best practice you should endeavor to follow. It doesn’t mean you are a bad person or won’t be able to send email.
220 mx.example.com StrongMail SMTP Service at Wed, 09 Sep 2009 17:00:01 -0700
Not an open relay.
0 seconds – Good on Connection time
0.156 seconds – Good on Transaction time
OK – 220.127.116.11 resolves to mail.someotherdomain.com
Warning – Reverse DNS does not match SMTP Banner
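The comparison behind this warning can be reproduced offline. The following is an added example, not the diagnostic tool's own code: it parses the 220 greeting, normalizes both names, and classifies the result. The function names, the result labels and the two-label domain heuristic are assumptions made for illustration.

```python
import re
from typing import Optional

# Matches an SMTP greeting line: "220 host text" or multiline "220-host text".
BANNER_RE = re.compile(r"^220[ -](\S+)", re.MULTILINE)

def normalize(name: str) -> str:
    """Lower-case a name and drop the trailing root dot that PTR answers carry."""
    return name.strip().rstrip(".").lower()

def banner_hostname(banner: str) -> Optional[str]:
    """Return the hostname announced on the first 220 greeting line, if any."""
    m = BANNER_RE.search(banner)
    return normalize(m.group(1)) if m else None

def domain_of(name: str, labels: int = 2) -> str:
    """Last `labels` labels of a name. Assumption: two labels stand in for the
    registered domain; names under e.g. co.uk need a public suffix list."""
    return ".".join(normalize(name).split(".")[-labels:])

def check_rdns_banner(ptr_name: str, banner: str) -> str:
    """Classify how the reverse DNS (PTR) name relates to the SMTP banner."""
    host = banner_hostname(banner)
    if host is None:
        return "no-banner"          # not a 220 greeting at all
    ptr = normalize(ptr_name)
    if ptr == host:
        return "match"              # banner announces exactly the PTR name
    # Compare against the announced hostname only, which avoids substring
    # false positives such as "example.com" inside "notexample.com".
    dom = domain_of(ptr)
    if host == dom or host.endswith("." + dom):
        return "domain-match"       # same domain, different host label
    return "mismatch"               # the case that produces the warning

# Banner and PTR name taken from the report above.
PAGE_BANNER = "220 mx.example.com StrongMail SMTP Service at Wed, 09 Sep 2009 17:00:01 -0700"
PAGE_PTR = "mail.someotherdomain.com"

if __name__ == "__main__":
    print(check_rdns_banner(PAGE_PTR, PAGE_BANNER))
```

To clear the warning, either the PTR record for the sending IP or the hostname the mail server announces has to change so that the first result is no longer a mismatch.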