It was backscatterer.org. I don't recall how simple the fix was, but I couldn't find much information on it at the time. The list appeared last in the blacklist tools so I figured it was a fairly new thing.

How can you know when you're about to send a bounce to a backscatter? I'd love to know this!

Sorry for the extremely late reply, but you can test using http://its-netzwerk.com/bscatter/

Alternatively attempt to send a message to a nonexistent address on your MTA using telnet which should throw an error after "RCPT TO" if the server is configured correctly Steps to test SMTP via telnet: https://my.esecuredata.com/index.php?/knowledgebase/article/...

Thank you for your reply. From my understanding, what you suggest is that a backscatter uses a return path email that does not exists?

My understanding was that a backscatter uses an email that is not his, in order to deliver a message without sending it directly (and making the bounce server act like a spammer).

Am I missing something?

Here is a good blog post [1] that explains backscatter and some ways to help prevent it.

[1] https://willem.com/blog/2019-09-10_fighting-backscatter-spam...

Thanks!