Trouble with spamhaus marking any mail as spam

Hi

I’ve recently noticed that I wasn’t receiving some emails from well known organizations, namely github and enedis, that I can’t suspect of being considered spam senders.

Looking to my mail log I’ve noticed that indeed the email was sent, but block by spamhaus.

Feb 25 12:11:46 postfix/smtpd[799447]: NOQUEUE: reject: RCPT from out-17.smtp.github.com[192.30.252.200]: 554 5.7.1 Service unavailable; Client host [192.30.252.200] blocked using cbl.abuseat.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/66.185.123.232; from=<noreply@github.com> to=<mail@domain.tld> proto=ESMTP helo=<out-17.smtp.github.com>

Looking at it, I’ve discovered that github wasn’t the only service to be blocked, and I actually missed a lot of mails over time that never reached my mail box because of that.
But hard to notice unless you’re actually waiting for a specific email that doesn’t come…

Investigating that, it appears that spamhaus changed its policy over its free service and doesn’t allow to use open dns services.

I’m not sure our usage of open dns resolver in dnsmasq is actually link to that issue.
But I guess if the server is contacting spamhaus, it should do it using dnsmasq, and thus using an open resolver in the process.
I can’t figure out though, why and how it would be an issue. This would be a server’s matter only.

Spamhaus talk about reverse dns set up correctly, which doesn’t seem to be an issue in my config, while other are just saying that spamhaus is getting rid of its free service.

I’d like to know if some of you have experienced any issue of that kind.
A sudo cat /var/log/mail.info | grep reject would gives you a list of recently rejected mails. As far as I can see, that’s mostly legit mails in my case…

The question being, is it just an error on my side or would it be something we should really investigate and maybe consider removing spamhaus from postfix configuration.

3 Likes

Same just happened with abuseat, without spamhaus, when modifying my email address on OVH, I couldn’t receive a confirmation code because OVH mail was silently rejected as a spam.

postfix/smtpd[3229311]: NOQUEUE: reject: RCPT from mo401.mail-out.ovh.net[51.254.194.161]: 554 5.7.1 Service unavailable; Client host [51.254.194.161] blocked using cbl.abuseat.org; from=<ch9367-ovh@undelivered.ovh.com> to=<mail@domain.tld> proto=ESMTP helo=<mo401.mail-out.ovh.net>

That’s really an issue to consider, I’ve totally removed any spam filter from my postfix config, rather have spams in my spam box than having important emails silently rejected without any information !

2 Likes

Hello, sorry I won’t be of any help unless to tell you that it is NOT just you, and it seems like an important thing to investigate ! This happens to me with various emails simply never showing up.
When I did the command line you suggested it showed : postfix/smtpd[20526]: NOQUEUE: reject: RCPT from unknown[171.22.30.237]: 554 5.7.1 Service unavailable; Client host [171.22.30.237] blocked using cbl.abuseat.org; https://www.spamhaus.org/query/ip/171.22.30.237; from=spameri@tiscali.it to=spameri@tiscali.it proto=ESMTP helo=
I know for a fact that just yesterday a personal email and a neocities email never showed up.

1 Like

Hi @nouckey

Your answer does help actually by letting me know that I’m not the only one.
Thank you for your feedback.

My point here was mainly to raise a concern about it and show how to investigate if you suspect it happened to you.

As I said previously though, I’ve commented out all 3 lines responsible for spam filtering, in /etc/postfix/main.cf

#    reject_rbl_client bl.spamcop.net,
#    reject_rbl_client cbl.abuseat.org,
#    reject_rbl_client zen.spamhaus.org,

The result is that I have one spam every 2/3 days, but all the legit emails are back in my mail box.
While waiting for the YNH team to get any interest in this matter, to not have any spam filtering is way better than the default and faulty setting.

9 Likes

Oh I didn’t understand that you actually did it ! Thank you for re-explaining that to me, I sudo nano the sh*t out of that antispam hihi, hope that will work, that’s exactly what I wanted !

I have the same difficulties with spamhaus

Awesome, thanks for sharing!

The issue is stated there.

Some documentation about it: DNSBL Error Code - Open/public resolver - The Spamhaus Project and Successfully accessing Spamhaus' free blocklists using a public DNS - Spamhaus Technology

Basically your server uses an open resolver, and SpamHaus does not like that as it can be abused to circumvent their free tier.

In my case, my OVH VPS was automatically configured (in /etc/resolv.conf or /etc/network/interfaces.d/ I think) with their own DNS servers. Removing that and making sure our own dnsmasq was used fixed the issue.

3 Likes

YunoHost is configured to use open resolvers for privacy concern. So it seems we have a problem here…
Anyway, for what I’m concern, without spam filtering, everything is fine.

Is this issue tracked somewhere in the Yunohost project? Where could we report the issue? It feels rather serious as I understand it impacts any user with the default configuration.

1 Like

Had this same issue where all incoming email was being marked as spam, commented out the spam lists for now.

There should be an option to configure whether emails marked spam should be rejected or tagged as such

1 Like

Hi, what was the solution to fix this? I’m facing this issue now with my bear-host server from OHV issue with receiving emails. Can you redirect me to the right direction.

I have also been facing a similar issue:
– a couple times even emails from friends who I have corresponded with in the past via email have been marked as Spam and moved to the Spam folder without me realizing.

I haven’t yet looked into logs of why they were marked as spam, but this thread has helpful leads, and I will try turning off the spam filter for now.

more than a year later I can say that I’m very happy with this fix commenting out anti-spam filters ! (my issue was the non-delivery period, and not the mail arriving in spam folder)

In a year I’ve had about 60 spam emails, usually caught in the “spam” folder of thunderbird, so that causes very little inconvenience.
And I now actually get better email reception than with professional providers (I’m looking at you infomaniak, but frankly gmail was not better and the source of many headaches for email providers)

(my self-hosted adress is not my main adress, but is linked with my public domain name)

2 Likes

Can anybody on the Yunohost dev team explain why removing these over-aggressive spam filters isn’t the default, or at least an opt-out/in during installation? Receiving a bit more spam can be annoying (although, like others, I’ve faced zero impact to my spam filtering after commenting out the filters due to Thunderbird filtering), but not receiving important mail from legitimate sources can be a show-stopper for using Yunohost as a mail server.

And if there are no plans to change the default, would an opt-in/out install/config option be welcome as a contribution?

And if you deactivate in:

/usr/share/yunohost/dnsbl_list.yml
- name: Spamhaus ZEN
  dns_server: zen.spamhaus.org
  website: https://www.spamhaus.org/zen/
  ipv4: true
  ipv6: true
  domain: false
  non_blacklisted_return_code: []