Postfix bounce sent twice (double-bounce)

Question

I have a send only postfix MTA configured that is allowed to send from @example.com

When a bounce happens, I would like to handle that in a script.

I followed the steps given by this answer: https://serverfault.com/a/735721/444076

My script gets called correctly, but the from address still receives an email with the bounce. How can I prevent that from happening ?

main.cf

mydestination = bounce.example.com, localhost

# BOUNCE CONFIG
notify_classes = bounce
bounce_notice_recipient = bounce@bounce.example.com
transport_maps = hash:/etc/postfix/transport_maps
bounce_size_limit = 1

transport_maps

# when you make changes to this file, run:
#   sudo postmap /etc/postfix/transport_maps
bounce@bounce.example.com   bulkbounce:

master.cf

bulkbounce unix -       n       n       -       -       pipe
  flags=FRq user=nouser argv=/path/to/bouncescript.sh

However sending a mail like (valid from, invalid rcpt):

FROM: someuser@example.com
TO: invalid@invalid.com
SUBJECT: ...
...

Results in my script being called (good) and someuser@example.com receiving an email with the bounce message (not wanted).

How can I disable that ? Or what am I missing.

Example logs:

Nov 16 17:27:32 dev postfix/smtpd[6654]: connect from localhost[::1]
Nov 16 17:27:32 dev postfix/smtpd[6654]: 486FED9F98: client=localhost[::1]
Nov 16 17:27:32 dev postfix/cleanup[6658]: 486FED9F98: message-id=<3884f81324a6b2e7dfd90e01c3477084@swift.generated>
Nov 16 17:27:32 dev postfix/qmgr[6652]: 486FED9F98: from=<someuser@example>, size=544, nrcpt=1 (queue active)
Nov 16 17:27:32 dev postfix/smtpd[6654]: disconnect from localhost[::1]
Nov 16 17:28:13 dev postfix/smtp[6659]: 486FED9F98: to=<bouncetest@tribulant.com>, relay=tribulant.com[23.22.38.89]:25, delay=41, delays=0.05/0.02/21/20, dsn=5.0.0, status=bounced (host tribulant.com[23.22.38.89] said: 550 No such person at this address. (in reply to RCPT TO command))
Nov 16 17:28:13 dev postfix/cleanup[6658]: 7604CD9F9D: message-id=<20171116172813.7604CD9F9D@app.example.com>
Nov 16 17:28:13 dev postfix/qmgr[6652]: 7604CD9F9D: from=<>, size=2984, nrcpt=1 (queue active)
Nov 16 17:28:13 dev postfix/bounce[6693]: 486FED9F98: sender non-delivery notification: 7604CD9F9D
Nov 16 17:28:13 dev postfix/cleanup[6658]: 76DAED9F9E: message-id=<20171116172813.76DAED9F9E@app.example.com>
Nov 16 17:28:13 dev postfix/qmgr[6652]: 76DAED9F9E: from=<double-bounce@app.example.com>, size=2599, nrcpt=1 (queue active)
Nov 16 17:28:13 dev postfix/bounce[6693]: 486FED9F98: postmaster non-delivery notification: 76DAED9F9E
Nov 16 17:28:13 dev postfix/qmgr[6652]: 486FED9F98: removed
Nov 16 17:28:13 dev postfix/smtp[6659]: 7604CD9F9D: to=<someuser@example>, relay=mx.mailprotect.be[178.208.39.141]:25, delay=0.08, delays=0/0/0.05/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as C0B5E4401F4)
Nov 16 17:28:13 dev postfix/qmgr[6652]: 7604CD9F9D: removed
Nov 16 17:28:13 dev postfix/pipe[6694]: 76DAED9F9E: to=<bounce@bounce.example.com>, relay=bulkbounce, delay=0.16, delays=0/0.01/0/0.15, dsn=2.0.0, status=sent (delivered via bulkbounce service)
Nov 16 17:28:13 dev postfix/qmgr[6652]: 76DAED9F9E: removed

fqdn: app.example.com

Answer 1

Now that I understand what was happening the answer is obvious.

Following the RFC the MTA (should) always send a bounce message to the sender (FROM or Return Path if set).

Adding the notify_classes does not change this behaviour, it adds behaviour on top of it. (So a 2nd mail is sent)

To achieve what I wanted, that only the script gets called, I removed the notify_classes and bounce_notice_recipient. Plus, I changed our application to always add a "Return-Path" header with bounce@bounce.example.com

When a bounce happens, the MTA sends a bounce message to the FROM or the Return Path if it has been set (which is now bounce@bounce.example.com). As this email is mapped in the transport_maps it get's piped to the script and no emails are actualy sent. Hooray