Bounce from "destination server" as SPAM - header/received too short!

Joolee mailscanner at joolee.nl
Mon Nov 10 12:40:45 GMT 2014


Quite an easy solution is to simply don't bounce. E-mail to non-existing
users is probably (uncought) spam and they rarely come from legit e-mail
addresses. You are spamming the actual owners of the e-mail addresses being
abused by sending backscatter to them. It might even get you listed on a
backscatter dnsbl.

If you want to provide legit mail senders with a "this user doesn't exist"
message, configure all legit users on your edge server so mail to
non-existing users is being blocked on smtp level. (This will also reject
~90% of spam) The sending party can than implement any backscatter/messages
they want with this information, it's not your problem.


On 10 November 2014 12:44, Sim <simvirus at gmail.com> wrote:

> Hello to all!
>
> I've a little issue...
>
> SENDER (from test at extenal.com  to  nomail at mydomain) ------> *MailScanner *
> -----> Mailbox Server (@mydomain)
>
> At this time my internal "Mailbox Server" generate a bounce for not
> exiting "nomail" account.
> This bounce is detected as SPAM from MailScanner.
>
> Note:
> - The IP of Mailbox Server is in "Whitelist"
> - The LAN (/24) of Mailbox Server is in "Trusted Network"
> - The LAN (/24) of Mailbox Server is in "Outbound mail relay"
> - All other email sent from "Mailbox Server" are detected as "white list"
>
>
> Checking the log of postfix i've found this:
>
> postfix/cleanup[20872]: C1C2960069: hold: header Received: from
> srv.mydomain.local (unknown [192.168.0.10])??(using TLSv1 with cipher
> AES128-SHA (128/128 bits))??(No client certificate requested)??by
> mail.mydomain.com (Postfix) w from unknown[192.168.0.10]; from=<> to=<
> test at external.com> proto=ESMTP helo=<srv.mydomain.local>
> [..]
> MailScanner[19852]: Spam Checks: Starting
> MailScanner[19852]: Message C1C2960069.AEB15 from 192.168.0.10 has no (or
> invalid) watermark or sender address, marked as high-scoring spam
> MailScanner[19852]: Spam Checks: Found 1 spam messages
>
>
> The header of postifx/cleanup is incomplete!!!!
>
> Looking for full header i've seen:  "(Postfix) with ESMTPS id C1C2960069?"
>    and not only    "(Postfix) w"
>
>
> How to increase this "check of the header limit" in postfix, cleanup or
> MailScanner ?
>
> Thanks
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20141110/bf957c85/attachment.html 


More information about the MailScanner mailing list