Bounce from "destination server" as SPAM - header/received too short!

Joolee mailscanner at
Mon Nov 10 12:40:45 GMT 2014

Quite an easy solution is to simply don't bounce. E-mail to non-existing
users is probably (uncought) spam and they rarely come from legit e-mail
addresses. You are spamming the actual owners of the e-mail addresses being
abused by sending backscatter to them. It might even get you listed on a
backscatter dnsbl.

If you want to provide legit mail senders with a "this user doesn't exist"
message, configure all legit users on your edge server so mail to
non-existing users is being blocked on smtp level. (This will also reject
~90% of spam) The sending party can than implement any backscatter/messages
they want with this information, it's not your problem.

On 10 November 2014 12:44, Sim <simvirus at> wrote:

> Hello to all!
> I've a little issue...
> SENDER (from test at  to  nomail at mydomain) ------> *MailScanner *
> -----> Mailbox Server (@mydomain)
> At this time my internal "Mailbox Server" generate a bounce for not
> exiting "nomail" account.
> This bounce is detected as SPAM from MailScanner.
> Note:
> - The IP of Mailbox Server is in "Whitelist"
> - The LAN (/24) of Mailbox Server is in "Trusted Network"
> - The LAN (/24) of Mailbox Server is in "Outbound mail relay"
> - All other email sent from "Mailbox Server" are detected as "white list"
> Checking the log of postfix i've found this:
> postfix/cleanup[20872]: C1C2960069: hold: header Received: from
> srv.mydomain.local (unknown [])??(using TLSv1 with cipher
> AES128-SHA (128/128 bits))??(No client certificate requested)??by
> (Postfix) w from unknown[]; from=<> to=<
> test at> proto=ESMTP helo=<srv.mydomain.local>
> [..]
> MailScanner[19852]: Spam Checks: Starting
> MailScanner[19852]: Message C1C2960069.AEB15 from has no (or
> invalid) watermark or sender address, marked as high-scoring spam
> MailScanner[19852]: Spam Checks: Found 1 spam messages
> The header of postifx/cleanup is incomplete!!!!
> Looking for full header i've seen:  "(Postfix) with ESMTPS id C1C2960069?"
>    and not only    "(Postfix) w"
> How to increase this "check of the header limit" in postfix, cleanup or
> MailScanner ?
> Thanks
> --
> MailScanner mailing list
> mailscanner at
> Before posting, read
> Support MailScanner development - buy the book off the website!
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the MailScanner mailing list