This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Increased Trouble With Spamhaus

4 posts / 0 new

Topic locked

Last post

#1 Wed, 03/30/2016 - 10:10

stan

Increased Trouble With Spamhaus

Increasingly we are having trouble with Spamhaus blocking legitimate email, including email sent from one of our server customers to another server customer. Since we haven't had this problem up until the last 3 weeks or so, we're guessing some update or new relationship between Spamhaus and Spam Assassin has been deployed. If you have thoughts about this, please comment. If no one has thoughts about it, my question would be can I disable Spamhaus as a filtering tool?

#2 Wed, 03/30/2016 - 10:41

andreychek

Howdy,

Hmm, I hadn't run into that personally.

However, just to clarify -- is it a SpamAssassin rule that's being triggered? If so, can you share the X-Spam-Status header of the email that was incorrectly marked as spam?

-Eric

#3 Wed, 03/30/2016 - 11:24 (Reply to #2)

stan

The mail system

stan@stanbond.com (expanded from info@TheMontgomeryFoundation.com): host mail.stanbond.com[2600:3c00::f03c:91ff:fe89:742b] said: 554 5.7.1 Service unavailable; Client host [2600:3c00::f03c:91ff:fe89:74ee] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS (in reply to RCPT TO command)

Final-Recipient: rfc822; stan@stanbond.com Original-Recipient: rfc822;info@TheMontgomeryFoundation.com Action: failed Status: 5.7.1 Remote-MTA: dns; mail.stanbond.com Diagnostic-Code: smtp; 554 5.7.1 Service unavailable; Client host [2600:3c00::f03c:91ff:fe89:74ee] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS

Return-Path: X-Greylist: delayed 300 seconds by postgrey-1.34 at eagle; Wed, 30 Mar 2016 01:13:11 CDT Received: from SNT004-OMC1S40.hotmail.com (snt004-omc1s40.hotmail.com [65.54.61.77]) by eagle.marketus.net (Postfix) with ESMTPS id 22F4B465F7 for ; Wed, 30 Mar 2016 01:13:10 -0500 (CDT) Received: from NAM03-DM3-obe.outbound.protection.outlook.com ([65.55.90.7]) by SNT004-OMC1S40.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008); Tue, 29 Mar 2016 23:08:11 -0700 Received: from CO1NAM03FT012.eop-NAM03.prod.protection.outlook.com (10.152.80.59) by CO1NAM03HT104.eop-NAM03.prod.protection.outlook.com (10.152.81.137) with Microsoft SMTP Server (TLS) id 15.1.453.6; Wed, 30 Mar 2016 06:08:10 +0000 Received: from BLUPR13MB0209.namprd13.prod.outlook.com (10.152.80.52) by CO1NAM03FT012.mail.protection.outlook.com (10.152.80.99) with Microsoft SMTP Server (TLS) id 15.1.453.6 via Frontend Transport; Wed, 30 Mar 2016 06:08:10 +0000 Received: from BLUPR13MB0209.namprd13.prod.outlook.com ([10.162.93.14]) by BLUPR13MB0209.namprd13.prod.outlook.com ([10.162.93.14]) with mapi id 15.01.0443.014; Wed, 30 Mar 2016 06:08:09 +0000 From: Chrissy Weihofen To: "info@TheMontgomeryFoundation.com" Subject: Little Free Library

#4 Wed, 03/30/2016 - 12:30

andreychek

Howdy,

It looks like there's a Postfix policy service setup to block things based on SpamHaus settings... the IP address "2600:3c00::f03c:91ff:fe89:74ee", is that on your server?

That IP is listed in the SpamHaus CSS database... SpamHaus describes that database here:

https://www.spamhaus.org/css/

As long as your server is listed there, you may want to stop Postfix from using that particular RBL.

-Eric

Topic locked