:fail: and bounce messages


Well-Known Member
Jan 2, 2004

Something changed recently to where :fail: bounce messages are being sent.

two domains: filtered-domain.com which has MX records pointing to a third-party spam filtering service, and unfiltered-domain.com which is completely local, both on same email server. Default/catch-all is set to :fail: on all domains. Spam service IP addresses are listed as Trusted SMTP addresses. Email clients POP the local server to get their email that has passed through the spam filter to the local server (if filtered).

Test messages sent from another domain on the same server (test-domain.com) and from yahoo.com to non-existent addresses on both filtered and unfiltered domains.

Test-1: send an email from [email protected] to [email protected] and [email protected]
Result: mail delivery system email is received by [email protected] - mail delivery failed. Message generated by the server that hosts all three domains.

Test-2: send an email from [email protected] to [email protected] and [email protected]
[email protected] received a bounce message from [email protected] generated by the yahoo.com servers.

For the [email protected], a bounce message is generated on the server hosting filtered-domain.com but is queued up as an undeliverable bounce, attempting to send it to the spam filtering service.

I understand yahoo generating the bounce/NDR and that's normal. What I can't find is why the hosting server is generating bounce emails. This just started after the latest WHM upgrade, but that may be coincidence. WHM 11.52.0 (build 17)

Hoping I'm just missing something simple, lol.
Last edited by a moderator:


Staff member
Apr 11, 2011
Hello :)

Could you search for an example of this in /var/log/exim_mainlog and post the output? EX:

exigrep [email protected] /var/log/exim_mainlog
Thank you.