Zen.spamhaus.org intermitent open resolver error. 😕

RaggedStaff · December 24, 2025, 12:32am

What type of hardware are you using: VPS bought online
What YunoHost version are you running: 12.1.37
How are you able to access your server: SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: I have registered a free DQS account with Spamhuas & applied the relevant config to postfix (detailed here ). I have verifed that postfix is utilising the service using the spamhaus portal.

Describe your issue

I have looked through the support forums & found a few entries, including 40498 & 40916. I’ve worked through them all & implemented all the identified steps, including:

checked /etc/resolv.conf contains nameserver 127.0.0.1
ports 53 & 5353 are closed on the firewall
commented out the IPv6 entries in /etc/dnsmasq.d/spamhaus & reloaded dnsmasq service

I am still (sometimes) getting open resolver errors from the Yunhost diagnosis feature.

When I attempt to confirm this at https://check.spamhaus.org (here & here) no issues are reported. However I am intermittently having actual issues with mail delivery - incoming mail rejected by the sending server (displaying the same error).

Share relevant logs or error messages

The relevant entries from /yunohost/admin/#/diagnosis are:

Your IP or domain 167.235.79.44 is blocklisted on Spamhaus ZEN

    After identifying why you are listed and fixing it, feel free to ask for your IP or domain to be removed on https://www.spamhaus.org/zen/

Your IP or domain 2a01:4f8:c0c:c76e:: is blocklisted on Spamhaus ZEN

Gwylohm · December 24, 2025, 6:16am

Hi,

Did you remove “zen.spamhaus.org” in /etc/postfix/main.cf? Or did you use the hook mentioned here?

Indeed, if you use the DQS, you should remove the zen.spamhaus.org line, otherwise the problems will continue with the open resolver error for receiving emails.

RaggedStaff · December 24, 2025, 11:30am

Hey,

Thanks for your response.

I’d forgotten about that.

I commented out all 3 default resolvers this morning, and it seemed ok: for a couple of hours diagnosis was passing. It’s started failing again (same error as before).

jarod5001 · December 24, 2025, 1:58pm

Did you disable ipv6 for email in the webadmin?

RaggedStaff · December 24, 2025, 5:59pm

Ok, I tried that & the IPv6 error has disappeared from the diagnostics, but the IPv4 error is still there.

I think that fix only applies to OVH hosted VPS’s, as Spamhaus doesn’t recognise OVH v6 IP:s.

system · January 23, 2026, 6:00pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.