Discussion:
Preventing Postfix from _sending_ backscatter
Rob
2009-12-14 12:12:36 UTC
Hi

We run a Postfix server which handles email for a number of our
customers' domains. Most have mailboxes on the server, which all works
fine, but the problem is for domains where the mail is forwarded to
another server. This can cause our server to generate backscatter,
which I would like to stop.

The problem happens when a piece of spam is sent to
***@ourcustomer.com from ***@forgeddomain.com. This is
forwarded to ***@ultimatedestination.com. The ultimatedestination.com
server rejects the message (normally due to a spam filter), which
causes our server to generate a bounce message sent to
***@forgeddomain.com.

I would like to prevent that bounce message being generated, and only
send bounce messages to local users, but I can't find an appropriate
setting to do so. I've read http://www.postfix.org/BACKSCATTER_README.html
but that seems to be only telling me how to stop receiving
backscatter, not sending.

Am I being stupid? I can't be the only one wanting to do this.

Thanks in advance.

Rob
Alex
2010-01-12 12:34:51 UTC
Post by Rob
Hi
We run a Postfix server which handles email for a number of our
customers' domains. Most have mailboxes on the server, which all works
fine, but the problem is for domains where the mail is forwarded to
another server. This can cause our server to generate backscatter,
which I would like to stop.
The problem happens when a piece of spam is sent to
server rejects the message (normally due to a spam filter), which
causes our server to generate a bounce message sent to
I would like to prevent that bounce message being generated, and only
send bounce messages to local users, but I can't find an appropriate
setting to do so. I've read http://www.postfix.org/BACKSCATTER_README.html
but that seems to be only telling me how to stop receiving
backscatter, not sending.
Am I being stupid? I can't be the only one wanting to do this.
Thanks in advance.
Rob
Hi, the one way I found to stop Backscatter was to use DISCARD instead
of REJECT.
You can check this post here http://taint.org/2007/05/30/164456a.html
(the last comment is mine). Maybe you'll find it useful.
Good luck.
k***@gmail.com
2015-01-13 23:31:37 UTC
Post by Rob
Hi
We run a Postfix server which handles email for a number of our
customers' domains. Most have mailboxes on the server, which all works
fine, but the problem is for domains where the mail is forwarded to
another server. This can cause our server to generate backscatter,
which I would like to stop.
The problem happens when a piece of spam is sent to
server rejects the message (normally due to a spam filter), which
causes our server to generate a bounce message sent to
I would like to prevent that bounce message being generated, and only
send bounce messages to local users, but I can't find an appropriate
setting to do so. I've read http://www.postfix.org/BACKSCATTER_README.html
but that seems to be only telling me how to stop receiving
backscatter, not sending.
Am I being stupid? I can't be the only one wanting to do this.
Thanks in advance.
Rob
This post is rather old but maybe I have a solution for visitors stepping by this post searching for a simple solution:

1. Do not allow your local users to send e-mail using SMTP Port 25. Port 25 should be used only for SMTP (MTA) data transfer.
2. Enable Port 587 (submission) and/or Port 465 (SMTPs) in master.cf like this:

# Port 25: MTA-to-MTA traffic only, no SASL, DSN not announced in EHLO
smtp inet n - - - - smtpd
  -o smtpd_sasl_auth_enable=no
  -o smtpd_discard_ehlo_keywords=silent-discard,dsn
# Port 587: authenticated submission, TLS required
submission inet n - - - - smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_enforce_tls=yes
  -o smtpd_tls_security_level=encrypt
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# Port 465: authenticated submission over wrapper-mode TLS
smtps inet n - - - - smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_enforce_tls=yes
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

You see the following:
SMTP:
- No SASL Auth enabled (no local user can authenticate on this port)
- smtpd_discard_ehlo_keywords <-- means: do NOT answer to sender notifications. This is very important to prevent massive backscattering. And that's what will answer your original question.

SUBMISSION/SMTPs:
- Enable SASL Auth
- Enforce encryption / TLS Security (very much recommended to not allow users to connect to your server using plain passwords)
- client restrictions: only allow authenticated connections (reject everything else)

I hope this helps anyone else trying to optimize the postfix backscattering configuration.

Of course - in addition to that - you can introduce additional header and body checks as described here which would also be recommended: http://www.postfix.org/BACKSCATTER_README.html
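
An added example, not part of the thread and not Postfix code: a Python check that parses master.cf text and reports where the smtp, submission and smtps entries do not pin the settings from the post above. It assumes single-token "-o name=value" overrides, does not read main.cf, and uses sample text constructed from the post.

```python
import re

# Constructed sample: two entries from the post, "-o" lines indented as continuations.
SAMPLE = """\
smtp inet n - - - - smtpd
  -o smtpd_sasl_auth_enable=no
  -o smtpd_discard_ehlo_keywords=silent-discard,dsn
submission inet n - - - - smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_tls_security_level=encrypt
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
"""

WANT_SUBMISSION = {"smtpd_sasl_auth_enable": "yes",
                   "smtpd_tls_security_level": "encrypt",
                   "smtpd_client_restrictions": "permit_sasl_authenticated,reject"}

def smtpd_overrides(text):
    """Map each smtpd service name to its "-o name=value" overrides."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                              # blank line or comment
        if raw[0] in " \t" and logical:
            logical[-1] += " " + raw.strip()      # continuation line
        else:
            logical.append(raw.strip())           # column 0 starts a new entry
    services = {}
    for fields in (line.split() for line in logical):
        if len(fields) < 8 or fields[7] != "smtpd":
            continue                              # not a complete smtpd entry
        args = fields[8:]
        services[fields[0]] = dict(
            args[i + 1].split("=", 1) for i in range(len(args) - 1)
            if args[i] == "-o" and "=" in args[i + 1])
    return services

def audit(text):
    """Return findings where master.cf does not pin the post's settings."""
    findings = []
    for name, opts in smtpd_overrides(text).items():
        if name not in ("smtp", "submission", "smtps"):
            continue                              # only the three services in the post
        want = {"smtpd_sasl_auth_enable": "no"} if name == "smtp" else WANT_SUBMISSION
        findings += [f"{name}: {k} is not {v}" for k, v in want.items() if opts.get(k) != v]
        keywords = re.split(r"[,\s]+", opts.get("smtpd_discard_ehlo_keywords", "").lower())
        if name == "smtp" and "dsn" not in keywords:
            findings.append("smtp: dsn is not in smtpd_discard_ehlo_keywords")
    return findings
```

If the "-o" lines lose their leading whitespace, each one starts a new entry instead of continuing the service line, so audit() reports every setting as missing.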