Is an email server that accepts an email and then silently filters it out complying with SMTP standards?

cn flag

Can you send an email to an address, have it be accepted by the mail server, and then the mail server silently deletes it?

I am running an email server. I have noticed that some emails come from IP addresses on the spamhaus list. When these emails are received by the server it responds with one of the 2yz (Positive Completion Reply) codes. But then it silently filters out the email so that the user does not see it. I wanted to check this was adhering to the SMTP standards.

fr flag

I highly recommend to think of this less of an exercise in maximizing compliance, but more in a exercise in minimizing the disservice to humans having to suffer the collateral damage.

The relevant standard does describe what the server generally must do after accepting - but it also clearly notes exceptions, such as for abusive clients:

When the receiver-SMTP accepts a piece of mail (by sending a "250 OK" message in response to DATA), it is accepting responsibility for
delivering or relaying the message
. It must take this responsibility seriously. It MUST NOT lose the message for frivolous reasons, such
as because the host later crashes or because of a predictable
resource shortage. Some reasons that are not considered frivolous
are discussed in the next subsection and in Section 7.8.

( emphasis mine, from )

You may still "deliver" any share of incoming mail directly to whatever place you deem reasonable for the recipient, including the trash bin. But you do not win or lose much in how you treat the occasional spammer (really, computational resources are nothing in comparison to human lifetime), but we all lose a lot in applying special treatment to presumed abusive users that ends up affecting legitimate uses.

Spamhaus has a very good track record, but it will still occasionally return results that may not perfectly align with what sources your users never want mail from. It may even open up legal challenges around accepted, then never acted-on messages. Please wherever not strictly necessary for resistance against attacks clearly let the sender know - with a high preference on SMTP-stage defer/reject.

cn flag

RFC 5429 Sieve Email Filtering: Reject and Extended Reject Extensions (

The Sieve mail filtering language, as originally defined in RFC 3028, specified that the "reject" action shall discard a message and send a Message Disposition Notification MDN to the envelope sender along with an explanatory message.

This implies that SMTP can decline messages at various stages during the SMTP exchange. However, the server may discard messages that are highly suspected of being spam, as indicated by Spamhaus's blacklist, without providing any notification to the sender. In such cases, there should be a log message indicating the rejection.


Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.