Thanks for providing that hook!
I tried using it, but somehow it didn’t work. What worked for me to solve this stupid Error: open resolver; was to add the following to my /etc/postfix/main.cf file:
reject_rhsbl_helo PERSONALKEY.dbl.dq.spamhaus.net=127.0.1.[2..99]
reject_rhsbl_reverse_client PERSONALKEY.dbl.dq.spamhaus.net=127.0.1.[2..99]
reject_rhsbl_sender PERSONALKEY.zrd.dq.spamhaus.net=127.0.2.[2..24]
reject_rhsbl_helo PERSONALKEY.zrd.dq.spamhaus.net=127.0.2.[2..24]
reject_rhsbl_reverse_client PERSONALKEY.zrd.dq.spamhaus.net=127.0.2.[2..24]
reject_rbl_client PERSONALKEY.zen.dq.spamhaus.net=127.0.0.[2..255]
however, like others I am concerned that with an update of yunohost, I would need to manually add those lines again, so I wonder what I did wrong.
First I created an account at Spamhaus Customer Portal to then generate my own key.
Then I did:
yunohost settings set email.antispam.enable_blocklists -v yes
yunohost tools regen-conf postfix
Then:
vim /etc/yunohost/hooks.d/conf_regen/20-postfix_spamhaus
Then:
- copy and paste the script you provided into that file and change the PERSONALKEY accordingly
Finally:
yunohost tools regen-conf postfix --force
I wonder about the permissions and ownership? Who should own that file and I guess it needs to be executed with a chmod +xfor the according user?
By the way this server is on Hetzner Cloud… it’s weird that for some people this issue is solved and I also did read this thread Trouble with spamhaus marking any mail as spam - #26 and Blocked using zen.spamhaus.org; Error: open resolver; - #34 by Aleks
**
**
——————-
EDIT (17.02.26): This Issue still persists at my server and I get the following error message when I try to send an email to my server:
host mywebsite.com [IPv4.IPv4.IPv4.IPv4] said: 554 5.7.1
Service unavailable; Client host [IPv4.IPv4.IPv4.IPv4] blocked using
zen.spamhaus.org; Error: open resolver;
https://check.spamhaus.org/returnc/pub/IPv6-Adress_from_my_server/ (in reply to
RCPT TO command)
Even though https://check.spamhaus.org/ says myserver.com “has no issues” and I added those reject_rhsbl_helo policies according to @metyun ….