the subject of bouncing

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Greetings, a little while ago, Oldwiseman got slated in this group for using
the bounce feature in Mailwasher.

Out of curiosity I sent some of the issues raised to Mailwasher support for
their comment and got the following in reply. To be honest though I don't
understand half of what it says, so thought I'd post it here to see what
people think. I don't use bouncing myself, because I've seen advice against
it in this group in the past, but does the Mailwasher response satisfy the


"Mailwasher uses three different ways to bounce.

Use Remote SMTP server only :

The system performs an MX DNS look-up on the hostname of the destination
email address.  If the MX look-up fails, the bounce is aborted.
For each MX record returned, the system attempts to send the message
directly top that SMTP server.  If any server returns a permanent failure
code (5xx), the bounce is aborted.
An MX server is a Mail Exchange server and MailWasher Pro tries to obtain
this from various fields (from, reply-to, etc)of an email.
A DNS lookup reqeust is performed on the various host names to determine
which mail server is present to use for the bounce. It will fail if the
headers are forged.

Use Local SMTP server only:

The system sends a bounce message through the SMTP server specified in the
account options.

Use Remote SMTP server with local fallback:

The system performs a remote SMTP send as described above.
If there are MX servers present but none were available to connect to, the
system performs a local SMTP send instead.  If there are MX servers present
and all of them return a temporary error code (4xx), the system performs a
local SMTP send.  Otherwise the bounce is aborted.

A wrong setting could cause any problem listed in your last email.

We don't have any hard data as to the efficiency of the bounce feature but
it seems that some spamming software does check for bounces and then remove
invalid addresses from the list. There is anecdotal evidence that bouncing
can help - check out the user comments on for some examples.
We haven't had any complaints from people who received bounced messages from
MailWasher, where spammers have hijacked their addresses.

Where spammers have used an innocent victim's address and set it as the
return address I
think the victim's main concern is likely to be the vast amount of "Don't
spam me!" messages from people who thought that they were the spammer. In
addition, the innocent victim will also receive a vast quantity of bounces
from genuinely invalid email addresses if the spammer has used an untested
email address list.

Where the bounce feature is demonstrably useful is where you are trying to
get off a legitimate business's mailing list that you are having trouble
opting out of. Business mailing lists usually do check for bounces, do
recognise MailWasher bounces as legitimate and do remove you from their
mailing list."

Re: the subject of bouncing

Quoted text here. Click to load it

This prevents sending a bounce to a user that is running their own mail
server on their desktop rather than using their ISP's or e-mail
provider's server.  While some users do run their own mail server (but
which may violate their ISP's terms of service regarding their customers
running servers), this would eliminate sending the bounce to an idiot
operating a desktop that has been trojanized with a mailer daemon.
Although these are the folks you really need to alerting to let them
know they are trojanized or running an non-compliant mail server, their
trojan mailer daemon doesn't listen for inbound connects.  SpamPal also
has a plug-in to perform MX blocking to tag e-mails from these type of
sending mail servers (so you could use a rule to simply delete that
e-mail originating from a trojanized host).

However, if the spammer is spewing through a legitimate domain's mail
server, like after hijacking a Hotmail or other e-mail account or using
their free trial subscription, then the MX lookup will succeed and
Mailwasher will attempt to bounce the e-mail back at that mail server.
While you are not hitting an innocent in this case, you are still
wasting the resources of that domain to handle your bounce message to
deliver the NDR to an account that the spammer is not monitoring,
anyway.  Submit a spam report to the abuse e-mail address of that domain
to get the spammer's account killed.  This only temporarily irritates
the spammer as they actually expect that account to get killed and may
have already abandoned it.  But if the domain admins get irritated
enough in handling the closing of spam sourcing accounts then they may
reconsider providing free or trial subscriptions to prevent such further
abuse, or they'll have to reconsider altering their anti-spam quotas on
those "personal" accounts.

Since Mailwasher is attempting to act as the receiving mail server that
is bouncing the spam by connecting directly to the sending mail server,
you end up possibly violating your ISP's terms of service in operating a
server on your host.  You may also find your ISP will block SMTP traffic
from traversing across their domain to some off-domain mail server
(i.e., you must target your SMTP traffic at their SMTP server or it gets

Quoted text here. Click to load it

Again you are running a local server (Mailwasher), which may violate
your ISP's terms of service, to pretend to be their mail server in
issuing the NDR - which I highly suspect will tick off your ISP.  They
don't want other mail servers to start blacklisting their domain because
of receiving bogus NDRs because those NDRs did not originate from that
domain's mail server but instead was just some clown user fraudently
pretending to be that domain's mail server.

Quoted text here. Click to load it

The only spammers that I've heard that do this are professional
marketing houses that work with their corporate customers and follow
guidelines.  They may spam you once but will stop when requested.  Those
type of spams are targeted to a specific user or department for the
recipient rather than being shotgunned out to anyone on some huge spam
list of e-mail addresses.  Those folks are not the cause of the spam
deluge problem.  An advertisement e-mail for a C++ library sent to an
attendee of some seminar that registered with their e-mail address and
is a programmer at a company is still spam as it is unsolicited but
those are not the problematic spams of viagra, penis enlargement,
mortgages, and other crap spam that gets spewed to anyone on a spammer's
e-mail list.

Opt-out does work with some companies.  For example, for spam received
from, opting out has worked for me.  Same for other well-known
companies that operate marketing departments who have guidelines
regarding honoring opt-outs.  Yeah, requiring them to use opt-ins by me
would eliminate those spams but getting a one-time spam from and
never again is a lot less effort to eliminate those spams than having to
run anti-spam software, rules, filters, and whatnot to get rid of all
the incessant spam crap by irresponsible and immoral a-holes.

With those type of marketing spam, you don't need Mailwasher as the
opt-out gets honored.  Those senders operate mail accounts to accept the
opt-outs and bounces and hence they are often identifiable.  They aren't
the spammer a-holes that are hiding and to which these NDRs are not only
worthless but waste everyone's resources (other than the spammer's) and
make you look like an idiot to the spammer.

Quoted text here. Click to load it

Meaning that the NDRs do not get routed through a server at so they could actually measure the effectiveness of the
bounces, like checking how many bounces occur per account and en masse
and how their magnitude affects the amount of spams originating from the
source.  They don't know.  That's just like the guy that started this
other thread saying that spam in his mailbox went down after starting to
use the bounce feature in Mailwasher and not also monitoring the global
spam levels during his trial period, working with his ISP to determine
the level of spam hitting that domain, and also gauging how many spams
hit his account beforehand and how many hit it afterward.  Could be the
ISP's anti-spam filtering got tweaked to help eliminate more spam ever
showing up in his Inbox.  That's like saying that he hit a crosswalk
button and traffic disappeared, but if you watch traffic then you'll
already know that there are always lulls in traffic density so pressing
the button at the right time would make it appear the button did

Quoted text here. Click to load it

Yeah, bury your head in the sand and deny the problem.  Innocents *do*
get slammed with thousands of NDRs for e-mails that they never sent.
Lurk in the newsgroups longer and you'll notice the poor saps wondering
how to keep spammers from using their e-mail address so they don't get
slammed with thousands of NDRs.  Those NDRs didn't go back to the
spammer's mail server (that had a valid MX record lookup) but instead
simply got unintelligently delivered using the falsified From header.

As SMTP is currently defined, all you can do is make a best guess as to
who is the real sender (i.e., if the source of their e-mail in the
Received headers looks reasonably close to the sender's info in the
other headers).  However, even under legitimate cases, a sender may be
contracting with someone else to send the alerts or announcement
e-mails.  My ISP, Comcast, did that with eCare.  I would get
announcements purporting to be from Comcast except they originated from
eCare's domain.  I notified Comcast that such "official" announcements
MUST originate from a Comcast domain; else, they would be considered
spam and possibly phish mails (even if the links went back to Comcast's
domain).  They eventually let eCare relay their contracted announcement
through Comcast's server so their Comcast-official e-mails originated
from a Comcast domain.

Quoted text here. Click to load it

That's why YOU interrogating the headers and looking at the Received
headers to get a threshold of believability that the sender is correctly
identified in the other headers gives a good chance that your NDR
doesn't hit an innocent.  So far, I've seen no intelligence employed in
Mailwasher or in challenge-response schemes that compute a threshold of
probability that the NDR will get sent to the real sender.  Checking for
a valid MX record is okay in that it eliminates YOU wasting resources to
bother sending the NDR in the first place.  Even if you sent it, the
trojanized sender won't see your NDR anyway because the mailer daemon
isn't going to accept it and the user of that trojanized host won't see
it (so the infected innocent doesn't get slammed with your NDRs).  Using
your own ISP's SMTP server and pretending to be them when issuing your
bogus NDRs is probably a violation of several conditions in their terms
of service.  They don't want you pretending to be them.  They have
enough work to do to eliminate the spam without a bunch of idiot
customers polluting their efforts.

Those "good" spammers that target their e-mails and honor opt-outs are
not the cause of the spam problem.  If they were the only spammers,
you'd probably see around half a dozen spams per year and you certainly
wouldn't need Mailwasher and its dubious bounce function to handle that
level of spam.

Post your replies to the newsgroup.  Share with others.
E-mail reply: Remove "NIXTHIS" and add "#VS811" to Subject.

Re: the subject of bouncing

Quoted text here. Click to load it
Of all the things in this world and we are worried about bouncing some SPAM.

I bounce all the time. If Mailwasher does not like the addy it does not even
give me the option to bounce.
As of late, I HAVE NOT received the freakin' emails from Brazil as a result
of bouncing their "GARBAGE" back to the original server.

And If someone's computer is hijacked and used as a spam forwarder, then
they sure in hell better get it figured out soon.

My God, bounce it, bounce it bounce it, bounce it,, bounce it bounce it,
bounce it,, bounce it bounce it, bounce it,

Re: the subject of bouncing

Quoted text here. Click to load it

You are clueless. If the header is forged you bounced back to an innocent

James E. Morrow
 Email to:

Re: the subject of bouncing

Quoted text here. Click to load it

He doesn't care.  The bounceback feature is his pacifier.  He wants to
be feel like he is actively fighting spam but he is too lazy to report
it to the blacklists or interrogate the headers to report the abuse to
the spammer's provider(s).  After all, he is already violating the terms
of service at his provider (Comcast) by running a server that spews
bogus NDRs pretending to be from his provider's mail server.  He doesn't
care about responsible solutions.  He is the kind of idiot that gives
spammers a warm and fuzzy feeling: a moron that thinks he actually has
an effective method to block their spam, a method as effective as
stringing tissue paper across the highway to block traffic.

Regardless of whether or not issuing client-side bogus NDRs is effective
in reducing spam and the side effects of slamming innocents with "bounce
spam", the user should check with their ISP to ensure they are not
violating their ISP's terms of service or acceptable use policies
regarding the operation of server-like client-side programs.  You might
also want to ask your ISP if issuing bogus NDRs in pretending to
originate from your ISP's mail server(s) might be considered fraudulent,
especially if you issue those bogus NDRs through their mail server
(Mailwasher lets you connect to the remote SMTP server but that depends
on your ISP not blocking off-domain SMTP traffic that doesn't target
their own on-domain SMTP servers).  Otherwise, that user could find
their account rudely closed for pretending to be the ISP's mail server.

Post your replies to the newsgroup.  Share with others.
E-mail reply: Remove "NIXTHIS" and add "#VS811" to Subject.

Site Timeline