Page 1 of 1

Cannot disable every bounce email

Posted: 2020-04-02 14:37
by paulpeeters
Hello

The IP address of our mail server got listed in the BACKSCATTERER list (http://www.backscatterer.org/index.php). As a result a few domain mail servers that use this blacklist, refuse to accept emails coming from our domain mail server.

One gets added to this BACKSCATTERER list when their system detects that emails are being bounced (no matter the reason of the bounce). I don't know exactly how they are able to detect bouncing emails and up until now I was not able to contact that organisation to get a clarification, which would be required to analyse and solve the issue.

I think that I have disabled every possible bounce in hMailServer but from the logs I think there is at least one case that apparently slips through and which I cannot disable. This hMailServer is mainly setup with a lot of aliases and distributions lists that forward email to external email addresses. From time to time, a forwarded email to a gmail.com recipient is refused and the log shows the below :

Messages missing a valid address in From:[nl]550 5.7.1 header, or having no From: header, are not accepted

A few lines further in the log file, I can see that a bounce email message is being sent back and although the error says there is no valid address or no From header, it apparently knows where to send this bounce mail to.

I have the latest version of hMailServer.

Anyone any idea how to disable that (and possible other) mail bounce ?

Thanks
Paul Peeters

Re: Cannot disable every bounce email

Posted: 2020-04-02 15:13
by SorenR
paulpeeters wrote:
2020-04-02 14:37
Hello

The IP address of our mail server got listed in the BACKSCATTERER list (http://www.backscatterer.org/index.php). As a result a few domain mail servers that use this blacklist, refuse to accept emails coming from our domain mail server.

One gets added to this BACKSCATTERER list when their system detects that emails are being bounced (no matter the reason of the bounce). I don't know exactly how they are able to detect bouncing emails and up until now I was not able to contact that organisation to get a clarification, which would be required to analyse and solve the issue.

I think that I have disabled every possible bounce in hMailServer but from the logs I think there is at least one case that apparently slips through and which I cannot disable. This hMailServer is mainly setup with a lot of aliases and distributions lists that forward email to external email addresses. From time to time, a forwarded email to a gmail.com recipient is refused and the log shows the below :

Messages missing a valid address in From:[nl]550 5.7.1 header, or having no From: header, are not accepted

A few lines further in the log file, I can see that a bounce email message is being sent back and although the error says there is no valid address or no From header, it apparently knows where to send this bounce mail to.

I have the latest version of hMailServer.

Anyone any idea how to disable that (and possible other) mail bounce ?

Thanks
Paul Peeters
A proper SPF and DKIM setup will prevent anyone from using your domain in sending SPAM, even if your server is NOT involved.

Backscatter is when someone is sending SPAM that appear from your domain but uses a hacked server somewhere to send to a non-existing recipient. The server with the non-existing recipient will send a NDR (non-delivery report) back to what appears to be the originating server - Except it's not but it is drowning in NDR's for a domain not on the server - that's how you end up on this list.

Re: Cannot disable every bounce email

Posted: 2020-04-02 18:38
by palinka
SorenR wrote:
2020-04-02 15:13
A proper SPF and DKIM setup will prevent anyone from using your domain in sending SPAM, ONLY if your server is NOT involved.
A comprimised account password can also result in spam coming from your domain. Just sayin'.... :D

Re: Cannot disable every bounce email

Posted: 2020-04-02 18:57
by paulpeeters
I had already setup SPF, DKIM and DMARC, the latter only with policy 'none' which I have now changed to policy 'reject'.

But what I would really like to know is how to make sure my hMailServer does not send NDR reports (bounce mails) at all

Re: Cannot disable every bounce email

Posted: 2020-04-02 19:23
by SorenR
paulpeeters wrote:
2020-04-02 18:57
I had already setup SPF, DKIM and DMARC, the latter only with policy 'none' which I have now changed to policy 'reject'.

But what I would really like to know is how to make sure my hMailServer does not send NDR reports (bounce mails) at all
Create a catch-all account.

Re: Cannot disable every bounce email

Posted: 2020-04-02 19:32
by paulpeeters
I had a catch-all account but I disabled it because I thought that could have caused the NDR bounces

Re: Cannot disable every bounce email

Posted: 2020-04-02 20:29
by SorenR
paulpeeters wrote:
2020-04-02 19:32
I had a catch-all account but I disabled it because I thought that could have caused the NDR bounces
A Catch-all account is like a black hole, nothing escapes it :mrgreen:

Re: Cannot disable every bounce email

Posted: 2020-04-02 23:08
by mattg
I use a rule to catch them
(I don't like catch all accounts)



From contains 'mailer-daemon' or from contains 'mail.example.com' where mail.example.com is the MX record name