Whitelisting server "non-deliverable" notices

Dominic Raferd dominic at timedicer.co.uk
Mon Feb 8 13:29:02 CET 2021

On 30/01/2021 09:15, Nikolaos Milas wrote:
> I would like to ask: is there a way an (incoming) mail gateway server
> (i.e. a server accepting incoming mail for an organization) to somehow
> detect/understand genuine non-deliverable notices and avoid blocking
> them as spam?
> These non-deliverable notices occur due to mail sending by the outgoing
> mail server our organization (postfix/dovecot); if there is any problem,
> the remote servers may reply with such notices, which in turn reach the
> incoming mail gateway servers of our organization. These servers,
> running postfix/amavis/clamav/spamassassin, usually block such responses
> which, however, may be useful to the original sender.
> I see a lot of such notices in the quarantine.
> How do you handle this issue in your setups?

Your own mail gateway servers should not block DSNs that are in reply to 
your own senders (but should probably block DSNs issued by any onward 
relays for incoming mail from third parties). In postfix you block DSNs 
with smtpd_discard_ehlo_keywords=silent-discard,dsn (in master.cf for 
port 25[smtpd]), but leave it unset on auth ports (typically 
587[submission] and/or 465 [smtps]).

I am not sure why your amavis quarantines DSNs, it doesn't normally do 
so for us.

More information about the amavis-users mailing list