blocking annoying 'bounce mail' "feature" from customers use.

Seth Mattinen sethm at
Wed May 25 16:17:09 UTC 2011

On 5/25/11 9:09 AM, Eric J Esslinger wrote:
> Mac Mail (and others) have a "feature" that allows my customers to generate a fake NDR message and send it back through my server. I get about a customer every few months that discovers this 'solution' to spam emails, and when it happens they cause delivery problems for my customer mail server by generating backscatter.
> Today I just ended up on a list that won't take me off for quite a while (or unless I pay).
> Does anyone know of a way for me to block the following, using postfix, either via refusing to accept the mail or by dropping it in /dev/null:
> Mail from <> or postmaster that originates within our customer IP blocks/is sent using authentication at the submission port and/or that does not have a valid local recipient.
> I can't find any ready made recipies online for this sort of thing in a short dig around for it, and while I think it's possible, I was wondering if anyone else was already dealing with this and could say 'oh yeah just put line blah in header_checks'. I would think it would be simple once you find it but you know how it is.
> (I've already dealt with the customer in question but I'm getting tired of this popping up every month or three.)

You can check for a combination of two or more of these headers:

Auto-Submitted: auto-generated (failure)
X-Mailer: Apple Mail (x)
Content-Type: multipart/report;


More information about the NANOG mailing list