Yellow listed IP on hostkarma

My YunoHost server

Hardware: VPS bought online
YunoHost version: 11.2.8
I have access to my server : Through SSH | through the webadmin | direct access via keyboard / screen | …
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

new diagnosis show me this isue

Email (mail)

[ERROR] Your IP or domain XXX.XXX.XXX.XXX is blacklisted on Hostkarma

on the url Hostkarma Blacklist Removal Form checking the Ip, I’ve got this

IP address XXX.XXX.XXX.XXX returned DNS result code
XXX.XXX.XXX.XXX is Yellow listed - This is a good listing. It keeps you from being blacklisted.
Yellow means that your IP contains no information as to whether or not it is spam. Yahoo, Google, and Hotmail are Yellow Listed.

So ok it is not very important, I have read on the wiki

If the result is then the host is yellow listed. Yellow listing means that host generates some spam and some nonspam (examples:, What that means is that this host should never be blacklisted and that other IP based blacklists should be bypassed to prevent false positives.

I have edited the /etc/hosts like this       domain.tld
#       domain domain.tld
XXX.XXX.XXX.XXX domain domain.tld	localhost

::1	localhost	ip6-localhost	ip6-loopback
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters	domain

my /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# is the systemd-resolved stub resolver.
# run "resolvectl status" to see details about the actual nameservers.


also I have add also this specific hook for rules on emails Share your "hooks" to apply custom configurations- Partagez vos "hooks" pour appliquer des configurations personnelles - #18 by Poine

I have these results

dig short

; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> short
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23916
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 1232
;short.				IN	A

.			1111	IN	SOA 2023121001 1800 900 604800 86400

;; Query time: 68 msec
;; WHEN: Sun Dec 10 22:01:09 CET 2023
;; MSG SIZE  rcvd: 109

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19219
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 1232
; IN A

;; AUTHORITY SECTION: 3575 IN	SOA 1702241962 3600 3600 604800 3600

;; Query time: 576 msec
;; WHEN: Sun Dec 10 22:01:10 CET 2023
;; MSG SIZE  rcvd: 127

well, does I need do something ?

I have a doubt, I suspect with the app paheko_ynh, in last upgrade (I am the guilty), we have introduced the ability to send the mails from the app. But doing this, we have to put parameters like SMTP_PORT = 25 and SMTP_SECURITY = STARTTLS.

Reading the wiki in hostkarma, I am thinking about this

 Blocking outgoing traffic on port 25

The main trick is to block outgoing port 25 traffic on all computers except for your email server. That way a virus infected computer can't send email from your IP because it is blocked. Your users will be able to talk to your email server and it will send the email for them. I recommend using port 587 (submission) for this rather than port 25. 587 is a standard port for sending email from users to servers and is less likely to be blocked by the firewalls of others in case your staff is traveling and needs to connect to your email server for outgoing email. Generally port 587 email requires authentication (a password) and a virus wouldn't know the password to send email.

On the incoming side, if you are running a Windows based email server in particular you want to block all ports except for the ports that the email server needs to work. That will protect your email server from other port attacks should your server be vulnerable. Generally ports 25, 110, 143, 587, 993, and 995 should cover everything.

These setting will allow you to surf the web without the web surfing you. The important point here is that if your firewall is set up correctly it can block the email from virus infected computers. It creates a layer so that even if you have virus problems it still won't get you black listed.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.