Whitelisting server "non-deliverable" notices
dominic at timedicer.co.uk
Mon Feb 8 13:29:02 CET 2021
On 30/01/2021 09:15, Nikolaos Milas wrote:
> I would like to ask: is there a way an (incoming) mail gateway server
> (i.e. a server accepting incoming mail for an organization) to somehow
> detect/understand genuine non-deliverable notices and avoid blocking
> them as spam?
> These non-deliverable notices occur due to mail sending by the outgoing
> mail server our organization (postfix/dovecot); if there is any problem,
> the remote servers may reply with such notices, which in turn reach the
> incoming mail gateway servers of our organization. These servers,
> running postfix/amavis/clamav/spamassassin, usually block such responses
> which, however, may be useful to the original sender.
> I see a lot of such notices in the quarantine.
> How do you handle this issue in your setups?
Your own mail gateway servers should not block DSNs that are in reply to
your own senders (but should probably block DSNs issued by any onward
relays for incoming mail from third parties). In postfix you block DSNs
with smtpd_discard_ehlo_keywords=silent-discard,dsn (in master.cf for
port 25[smtpd]), but leave it unset on auth ports (typically
587[submission] and/or 465 [smtps]).
I am not sure why your amavis quarantines DSNs, it doesn't normally do
so for us.
More information about the amavis-users