Spam/bounce problem

James Pattie james at PCXPERIENCE.COM
Thu Dec 18 16:16:42 GMT 2003

Hash: SHA1

Tony Johansson wrote:
| I have a problem with bounces at a school where I help support their
| MailScanner installation.
| It seems spammers use the schools domain name with faked usernames as a
| return address. I've seem this at a different site but it was just a dozen
| or so which could easily be entered into sendmails access.db
| The school now gets approx 8-10.000 of these bounces daily, which is about
| 80% of their total traffic. The return addresses are random so adding them
| to access.db is not an option. The machine running MailScanner is pretty
| low end and has problems keeping up with the queues.
| The flow is something like this:
| 1. Spammer sends spam to abc at, spam has the spoofed return
| address xyz at
| 2. No such user at full/disabled etc
| 3. Mail bounces to xyz at (with return path "<>")
| 4. Smtpgate at (running mailscanner) accepts message, forwards
| to internal server
| 5. Internal server sees that the address xyz at is non-existant
| 6. Internal server tries to bounce the message, to xyz at, but
| naturally it cannot be delivered
| 7. Message is sent to postmaster at, "I tried to deliver a bounce
| message to this address, but the bounce bounced!"
| Does anyone have a remedy for this problem?

use the sendmail double bounce suppression feature talked about recently on this

- ----
- ----


in aliases:
- ----
double-bounce: /dev/null
- ----


now any e-mails that bounced and the bounce message bounces will be delivered to
/dev/null. :)

- --
James A. Pattie
james at

Linux  --  SysAdmin / Programmer
Xperience, Inc.

GPG Key Available at
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.

More information about the MailScanner mailing list