Don't send "sender non-delivery notification" to one sender

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Don't send "sender non-delivery notification" to one sender

Zach Sheppard
Is it possible to exempt one sender from receiving non-delivery notifications? We have a DMARC policy that forces DKIM headers on all mail and when Postfix sends a non-delivery notification to this bulk mail sender (a fake e-mail alias) it fails because of our DMARC policy.

I have set notify_classes= to not receive any e-mails about errors/bounces but it looks like the non-delivery notifications still occur.

How could I block one sender from receiving those notifications?

Thanks

Reply | Threaded
Open this post in threaded view
|

Re: Don't send "sender non-delivery notification" to one sender

Dominic Raferd


On 25 January 2018 at 16:02, Zach Sheppard <[hidden email]> wrote:
Is it possible to exempt one sender from receiving non-delivery notifications? We have a DMARC policy that forces DKIM headers on all mail and when Postfix sends a non-delivery notification to this bulk mail sender (a fake e-mail alias) it fails because of our DMARC policy.

I have set notify_classes= to not receive any e-mails about errors/bounces but it looks like the non-delivery notifications still occur.

How could I block one sender from receiving those notifications?

​Rather than remove the notifications you could make them DMARC compliant with:
internal_mail_filter_classes = bounce

See http://www.postfix.org/postconf.5.html#internal_mail_filter_classes - note the warning (presumably because of a loop risk)

Reply | Threaded
Open this post in threaded view
|

Re: Don't send "sender non-delivery notification" to one sender

Dominic Raferd
On 25 January 2018 at 16:42, Dominic Raferd <[hidden email]> wrote:

>
>
>
> On 25 January 2018 at 16:02, Zach Sheppard <[hidden email]> wrote:
>>
>> Is it possible to exempt one sender from receiving non-delivery notifications? We have a DMARC policy that forces DKIM headers on all mail and when Postfix sends a non-delivery notification to this bulk mail sender (a fake e-mail alias) it fails because of our DMARC policy.
>>
>> I have set notify_classes= to not receive any e-mails about errors/bounces but it looks like the non-delivery notifications still occur.
>>
>> How could I block one sender from receiving those notifications?
>
>
> Rather than remove the notifications you could make them DMARC compliant with:
> internal_mail_filter_classes = bounce
>
> See http://www.postfix.org/postconf.5.html#internal_mail_filter_classes - note the warning (presumably because of a loop risk)


Alternatively, or as well, suppress DSN notification to strangers:

/etc/postfix/main.cf:
smtpd_discard_ehlo_keyword_address_maps = cidr:/etc/postfix/esmtp_access

/etc/postfix/esmtp_access
# 127.0.0.1 usually will have been re-routed via amavis and
re-injected i.e. it started as an external email?
127.0.0.1           silent-discard, dsn
127.0.0.0/31        silent-discard
192.168.0.0/16      silent-discard
0.0.0.0/0           silent-discard, dsn
Reply | Threaded
Open this post in threaded view
|

Re: Don't send "sender non-delivery notification" to one sender

Bastian Blank-3
In reply to this post by Zach Sheppard
On Thu, Jan 25, 2018 at 11:02:51AM -0500, Zach Sheppard wrote:
> Is it possible to exempt one sender from receiving non-delivery
> notifications? We have a DMARC policy that forces DKIM headers on all mail
> and when Postfix sends a non-delivery notification to this bulk mail sender
> (a fake e-mail alias) it fails because of our DMARC policy.

Why do you bounce any emails?

Bastian

--
No one may kill a man.  Not for any purpose.  It cannot be condoned.
                -- Kirk, "Spock's Brain", stardate 5431.6