Few five days ago I noticed users in my Yunohost server were not receiving email. People from other domains, when trying to send us emails they were getting different messages like this one:
This is the mail system at host mx0.riseup.net.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients.
The mail system
<peer@mydomain.tld>: host mydomain.tld[11.11.11.11] said: 554 5.7.1 Service
unavailable; Client host [198.252.153.6] blocked using zen.spamhaus.org (in
reply to RCPT TO command)
Reporting-MTA: dns; mx0.riseup.net
X-Postfix-Queue-ID: 4cp8Pl2sHTz9wYq
X-Postfix-Sender: rfc822; someone@riseup.net
Arrival-Date: Fri, 17 Oct 2025 15:48:59 +0000 (UTC)
Final-Recipient: rfc822; peer@mydomain.tld
Original-Recipient: rfc822;peer@mydomain.tld
Action: failed
Status: 5.7.1
Remote-MTA: dns; mydomain.tld
Diagnostic-Code: smtp; 554 5.7.1 Service unavailable; Client host
[198.252.153.6] blocked using zen.spamhaus.org
Or this one:
Error: Undelivered Mail Returned to Sender ā This is the mail system at host externaldomain.org.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients.
The mail system
<peer@mydomain.tld>: host mydomain.tld[11.11.11.11] said: 554 5.7.1 Service
unavailable; Client host [22.22.22.22.] blocked using cbl.abuseat.org;
Error: open resolver;
https://check.spamhaus.org/returnc/pub/2001:19f0::2dc5/
(in reply to RCPT TO command)
Message-ID: 6262b439-959710997f88@localhost
Server-URL: </INBOX/;UID=5833>
No Hop Info
I tried several things but could not fix it, then after some hours it suddenly got fixed by itself. Without doing anything things started to work and people from other domains could send us emails again.
Yesterday it happened again, users from other domains were not able to send us emails and were receiving again the same kind of error messages. I thought the problem was this one and I upgraded Yunohost to 12.1.29, but the problem remains. This time the problem does not seem to suddenly get away by itself, we are now more than 24 hours without email.
I donāt understand what is happeningā¦ I need help.
I was wrong, it is not fixed, it is happening again, the cbl.abuseat.orgthing again. We cannot receive mail, external senders keep getting messages this one:
Error: Delivery status notification: failed ā Hi!
This is the MAILER-DAEMON, please DO NOT REPLY to this email.
An error has occurred while attempting to deliver a message for
the following list of recipients:
peer@peerdomain.tld: 554 5.7.1 Service unavailable; Client host [193.34.69.156] blocked using cbl.abuseat.org; Error: open resolver; https://check.spamhaus.org/returnc/pub/2001...
So, weāre hopeful that version 12.1.30 should more exhaustively address the issues, in particular for incorrectly rejecting incoming emails. The fix mainly revolves around tweaking dnsmasqās configuration to route spamhaus queries directly to spamhaus servers (instead of via an open resolver) - in particular this should also apply to queries from postfix and not just the diagnosis.
Selection of the relevant commits from 12.1.30:
in DNSmasq conf, route queries about spamhaus to spamhausās own nameservers to avoid āopen resolverā errors (b45b9d4f4)
remove reject_rbl_client abuseat.org from postfix conf because itās in fact spamshaus.org since a few years (42f0b91bf)
revert prefix prefix fix for diagnosis for spamhaus, which is obsolete now that dns queries for spamhaus are now route at dnsmasq level (51c468735)
remove abuseat.org for DNSbl to check in diagnosis, because it is in fact spamhaus.org since a few years (6af034820)
when obtaining an āopen resolverā reason, advise admins to check their /etc/resolv.conf (#2201)
