XF 2.2 Help me figure what this 'Unknown' e-mails bounces so i can fix it.


Well-known member
Hello guys!

First, some context: i have a properly configured e-mail server, all connections are ok, the sending e-mail function is working and all that stuff. My IP and url reputation is high, no errors from loop feedback, DMARC, SPF and DKIM is all good, all connections are TSL and no deliveries errors (Infos from Postmaster from Google).

I have an exclusive e-mail for bounce, another for unsubscribe and another for sending mails. Apparently is everything correct.

But, since the e-mail function is working, I'm having a lot of bounce e-mails with the type 'Unknown' and no action taken.

The logs/e-mails are very confusing and very equal, depending on the service (gMail, Hotmail, Outlook, Yahoo, etc).

Lets see some example from Google (most common and most used). Some data was changed to preserve sensitive information, like hosts, address, IPs and that kind of stuff.

Return-Path: <noreply-dmarc-support@google.com>
Delivered-To: bounceemail@mydomain.com.br
Received: from my.host.com.br
    by my.host.com.br with LMTP
    id lFHsFOzgOGEQyhYA5BB3Ww
    (envelope-from <noreply-dmarc-support@google.com>)
    for <bounceemail@mydomain.com.br>; Wed, 08 Sep 2021 13:12:28 -0300
Received: from mail-numbers.google.com (mail-qk1-f201.google.com [some-ip.201])
    (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
     key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
    (No client certificate requested)
    by my.host.com.br (Postfix) with ESMTPS id 2CAAE82221E9
    for <bounceemail@mydomain.com.br>; Wed,  8 Sep 2021 13:12:28 -0300 (-03)
Authentication-Results: my.host.com.br;
    dkim=pass (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.a=rsa-sha256 header.s=20210112 header.b=oZ7JRkm2
Received: by mail-qk1-f201.google.com with SMTP id q13-some-random-numbers38f784161so3892652qkm.8
        for <bounceemail@mydomain.com.br>; Wed, 08 Sep 2021 09:12:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
X-Gm-Message-State: AOAsome-random-numbers/NVozXZHrRoBWI+jkg/o+vlgVr78hwkg==
X-Google-Smtp-Source: some-random-numbers/LMLgaHoLtAM+kDKzp==
MIME-Version: 1.0
X-Received: by 2002:ae9:f50a:: with SMTP id o10m-random-numbers-letters;
 Wed, 08 Sep 2021 09:12:27 -0700 (PDT)
Date: Tue, 07 Sep 2021 16:59:59 -0700
Message-ID: <1167-random-numbers@google.com>
Subject: Report domain: my.domain.com.br Submitter: google.com Report-ID: 1133-random-numbers
From: noreply-dmarc-support@google.com
To: bounceemail@mydomain.com.br
Content-Type: application/zip;
Content-Disposition: attachment;
Content-Transfer-Encoding: base64

<<-- some random letters -->>

So, what we have to do here? I can just ignore this bounces? Is common?

Thanks guys.

Using XF on last version.
Yeah, i really don't know what to do with this:


Nobody is facing the same issue?

My e-mail settings are all fine for what i can see, no connection errors or any problems in the log. Note that i have one e-mail for unsubscription and another exclusively to bounce service.


I can use the webmail properly, including seeing the bounced emails.

About the bounced emails, is funny how they appear on the 'Inbox', creating multiple folders outside the Inbox Folder:


Should i open a ticket to try to get official help guys?
You need to sort out email bounce on cPanel...

Go to /var/cpanel/templates/dovecot2.x/ and copy main.default to main.local. Open that with nano and search for "autocreate", change "lda_mailbox_autocreate" to no, save, rebuild dovecot eg. /usr/local/cpanel/scripts/builddovecotconf, restart dovecot

Also you need to clear those folders.
Last edited:
Got to the email address and Manage.

Automatically Create Folders for Plus Addressing

Automatically Create Folders (Deselect)
Do Not Automatically Create Folders (Select) <-----
Guys, my greetings for trying to help to solve my problem.

Well, unfortunately i don't use CPanel do manage my server, i use CWP Control. And the Support for CWP or articles are very poor on this.

My hosting services in my country always charge for CPanel. And charge big!

Another point, my CWP Control is very 'basic', i just can't go to advanced options to properly configure my server.

Anyway, i have the option to contact the hosting support to try to fix this, but, i created a filter matching all e-mails to go to INBOX. I think they will go with all this folders and subfolders.

Let's see if XenForo Bounce Handler can 'read' in this way and see if any other suggestions appear.
Since this thread isn't too old, I'll reply. Note the DMARC reference in the Google address. DMARC is a method for instructing how to handle email that doesn't pass either SPF or DKIM. I have never seen a reply from Google about something like this (other than DMARC reports I get for my own domains.

But my first question is... are you sending email out as domains you do not control to a Google address? If you have a Gmail account, and are sending the Contact Us messages as the submitter's email address (an option in Xenforo), perhaps Google is identifying that your system isn't authorized to send as those domains.. and those domains are configured with DMARC p=reject (which tells any receiving email that they should reject the message if it fails DMARC).

If you aren't using that option, perhaps your provider for your own email domain has DMARC enabled, but your sending system (your configured mail relay) isn't setup in SPF or with DKIM for that domain.

Hope that helps... I can elaborate if you would like. At work, my team manages our DKIM/DMARC efforts, so I just happen to be familiar with DMARC more, and it isn't an acronym many know as much about.
Top Bottom