Topic: Too many emails "From: MAILER-DAEMON@....."

[mmccarn]

I have two clients running SME 6.01 who have similar problems.  The qmail "Remote" queue fills up with bounce messages "From: MAILER-DAEMON@...".

Eventually email flow slows almost to a halt as the server's outbound SMTP connections are used up trying to deliver these bounce messages - usually to mail servers that are themselves overloaded (and therefore sloooow).  One of my servers would open 20 outbound connections to "Blazenet.com" as soon as I started qmail, but would never actually succeed in disposing of any of the messages in the queue.

I have other, non-SME customers who are getting a lot of spam concealed as bounce messages -- that is, if I want to spam joe@great.com I send a message to nonexistentuser@anothercompany.com that is *from* "joe@great.com" - the the mail server at "anothercompany.com" helpfully delivers my spam to "joe@great.com".

1. Am I right?  Are others seeing this behavior?  I've seen this for 4 - 5 clients, starting about 6 weeks ago.

2. If I am right, is there a way to filter out and dispose of the fake bounce messages without preventing honest typos from generating helpful bounces?  (I suppose I'm asking to have the bounce messages processed by Spamassassin and ClamAV).

Thanks!

[gordonr]

I have two clients running SME 6.01 who have similar problems.  The qmail "Remote" queue fills up with bounce messages "From: MAILER-DAEMON@...".

Most of this mail is likely to be "Joe Job" spam - mail sent to "every" address at your domain. 6.0 accepts the mail, finds there is no matching local user and then bounces the mail. But since the sender was also fake, you end up with double or triple bounces flooding the Postmaster mailbox.

Upgrade to 7.0, which includes full user/domain filtering and many, many other improvements to the mail system.