Jump to content

To Bounce or Not to Bounce?


Outernaut

Recommended Posts

I'm no longer able to find the article here about to Bounce or not to Bounce so apologies.

Preamble:
(using cPanel > Global Email Filters settings)

When adding a IP address to a black list,  I can choose "Fail With Message" and prompted with a text box to provide the "message".
There is a lot of chatter (82 pages @ 25 topics each with numerous replies) regarding bouncing, but no pro or cons to bouncing emails.

QUESTION:
GURUS! Is it best practice to bounce, or not to bounce and just delete them?

TIA,

~o~
 

Edited by Outernaut
Link to comment
Share on other sites

41 minutes ago, Outernaut said:

GURUS! Is it best practice to bounce, or not to bounce and just delete them?

 

I think some clarification needs to be around the word bounce.  If you are bouncing during the smtp connection, then the bounce will not originate from your server, but will be sent from the sending server.  If you accept the email, and then bounce later, it will be coming from your server.

My preference is to disable anything that might show my server's IP, such as a bounce after SMTP accept, and to have my server to reject during the SMTP connection so the IP in the bounce would be the sending server's IP, not mine.

Link to comment
Share on other sites

41 minutes ago, gnarlymarley said:

I think some clarification needs to be around the word bounce.  If you are bouncing during the smtp connection, then the bounce will not originate from your server, but will be sent from the sending server.  If you accept the email, and then bounce later, it will be coming from your server.

My preference is to disable anything that might show my server's IP, such as a bounce after SMTP accept, and to have my server to reject during the SMTP connection so the IP in the bounce would be the sending server's IP, not mine.

I will try to explain better:

Mail arrives at server and in cPanel > Global Email Filters is where I enter the IP, and choose what to do with that IP next time email arrives. The "Action" options are:

To Filter, I use:

  1. I enter a name for the filter (I use the offending IP - easier to find),
  2. then under Rules, from drop-down I choose "Any Header" > "Contains" and enter the IP address, or parts of it.
  3. and Under Actions, is where I choose what to do with it. My choices are:
  • Discard Message
  •  Redirect to email
  • Fail with message (bounce?)
  • Stop processing rules
  • Deliver to folder
  • Pipe to a program

 I assume these checks are done as email arrives. Do you think 'Fail with message' shows my IP or senders? 

Too, the server Host tells me they scan for spam using default of '5' and use Spamcop, so I shouldn't have to do anything, BUT, I have my settings via spam Assassin (now Apache SpamAssassin) set to 2.5 and raunchy spam with phishing, worm, or Trojans still come through daily. The generic spam, those with my winning the latest Apple stalker, a contest winner, parcel waiting for pick up or receive my millions of dollars on hold, ad nauseum arrive daily. 

Link to comment
Share on other sites

On 10/16/2020 at 3:29 PM, gnarlymarley said:

I think some clarification needs to be around the word bounce.  If you are bouncing during the smtp connection, then the bounce will not originate from your server, but will be sent from the sending server.  If you accept the email, and then bounce later, it will be coming from your server.

My preference is to disable anything that might show my server's IP, such as a bounce after SMTP accept, and to have my server to reject during the SMTP connection so the IP in the bounce would be the sending server's IP, not mine.

One account I am interested in protecting (Y.Com for example) is on a shared server/IP. It's one of those reseller programs similar to what Hostgator and the like offer. The account has it's own domain name of course, and may have a multitude of email addresses. The email IP octet set has one number different in the last octet than the site IP shared address. i.e. Site may be 123.456.789.001 and the email is 123.456.789.002 

I sent a email out from me@y.com to myself at a telecom email address. The headers showed the IP for the shared host email IP, followed by my ip at the telecom. If I understand you correctly, then my IP is showing? Is there a handy-dandy how-to for noobs you could recommend that addresses this issue of 'to bounce or just delete'. ?

I very much appreciate your time,

~o~

Edited by Outernaut
typo
Link to comment
Share on other sites

19 hours ago, Outernaut said:

I sent a email out from me@y.com to myself at a telecom email address. The headers showed the IP for the shared host email IP, followed by my ip at the telecom. If I understand you correctly, then my IP is showing? Is there a handy-dandy how-to for noobs you could recommend that addresses this issue of 'to bounce or just delete'. ?

It is correct that your IP will be showing since you started the test email.  Your IP will not be showing when someone else starts the email as it will be their IP.

These suggests to send bounces to a local address and look at them:
https://www.spamcop.net/fom-serve/cache/380.html

This suggests to check the device if it is the source of the spam:
https://www.spamcop.net/fom-serve/cache/405.html

Link to comment
Share on other sites

On 10/16/2020 at 5:33 PM, Outernaut said:

Mail arrives at server and in cPanel > Global Email Filters is where I enter the IP, and choose what to do with that IP next time email arrives.

After reading https: //docs.cpanel.net/knowledge-base/email/how-to-configure-email-filters/, it appears that Global Email Filters uses spamassassin.  Spamassassin usually scans the email after it has be received, but before it was accepted.  This means a bounce should not originate from your server.

On 10/20/2020 at 12:37 PM, Outernaut said:

Can someone tell me where I should be asking this question? Should I open a account at cPanel and ask them? 

I think a question here is whether cPanel's Global Email Filter's "Fail with Message" does it before or after it is accepted.  A message can be sent along with the rejection to the sending server at the time of rejection.  It maybe good ask the cPanel folks if your question does not get a reply.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...