Spamhaus rejecting all incoming emails…

zero1Dre · August 12, 2022, 12:28pm

Hi everyone,

Someone just called me to let me know my server is rejecting all incoming emails.

I just tested and this is the type of email I get back. I have no idea what that client IP is. I disabled all VPN and still get that message.

This is the mail system at host smtp2-g21.free.fr.

I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

              The mail system

me@domain.ltd: host domain.ltd[ server IP] said: 554 5.7.1 Service
unavailable; Client host [212.27.42.2] blocked using cbl.abuseat.org;
Error: open resolver;
DNSBL Error Code - Open/public resolver - The Spamhaus Project (in
reply to RCPT TO command)

zero1Dre · August 14, 2022, 4:50pm

As an update to this topic—I have found no other solution than to migrate the system to another fresh install.
Of course, things are back to normal as a result.

kuba-orlik · September 5, 2022, 7:19am

Commenting out the

    reject_rbl_client zen.spamhaus.org,

line in /etc/postfix/main.cf helped, although I’m not sure if it’s a safe thing to do

zero1Dre · September 5, 2022, 6:43pm

Thank you for the suggestion.
I migrated my instance to another VPS provider and it’s now all good.
Maybe the previously assigned address had been misused and I inherited it … (?)

kuba-orlik · September 6, 2022, 7:51am

In my case the reported problematic IP was not that of my VPS, but it was the IP of my personal computer… Sending the email via VPS worked

Pablo · September 16, 2022, 4:38pm

It’s not a bug, it’s a functionality: spamhaus stopped supporting public DNS resolvers since January 2022.

Pablo · September 16, 2022, 9:20pm

https://docs.spamhaus.com/datasets/docs/source/40-real-world-usage/MTAs/020-Postfix.html#

Cellophile · September 29, 2022, 4:55pm

Bonjour,
Alors si je résume ce que j’ai lu et fait, voilà ce que ça donne. Ce n’est pas un mode d’emploi, mais ça peut le devenir, si d’autres valident/modifient certaines choses. En tout cas, on ne va pas pouvoir garder la configuration fournie telle qu’elle est fournie par yunohost, puisque ça coince.

Se créer un compte gratuit pour le DQS
Free 30 Day Trial for Data Query Service - Spamhaus Technology
on reçoit un mail pour valider la chose, puis :
Une fois connecté, récupérer les clés
Dans le portail, aller ici : Spamhaus Customer Portal
(products > DQS)
Modifier la configuration postfix
Pour cela, ils proposent un très bon guide ici : Spamhaus Customer Portal
ouvrir /etc/postfix/main.cf
Commencer par commenter la configuration actuelle :

smtpd_client_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client cbl.abuseat.org,
    # reject_rbl_client zen.spamhaus.org,
    permit

Ensuite, suivre la partie 3.1.2 Configuring postfix du lien donné, qui explique tout pas à pas.
Les modifications ne seront pas à faire dans smtpd_client_restrictions mais dans smtpd_recipient_restrictions.
Redémarrer postfix.

Tester sa configuration
Toujours avec spamhaus, un outil permet de vérifier ce qu’on vient de faire :
https://blt.spamhaus.com/
Bon perso, j’ai un très bon score avec le Data Query Service Test, mais pourri avec le Public Mirrors Test, il y a peut-être encore des choses que je n’ai pas compris ?

Et j’en profite pour poser la question sur les deux autres listes utilisées : cbl.abuseat.org et bl.spamcop.net, sont-elle utiles, actualisées, et placées au bon endroit ?

system · October 29, 2022, 4:55pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.