Author Topic: zen.spamhaus.org or postfix or control web panel  (Read 3136 times)

zen.spamhaus.org or postfix or control web panel
« on: August 19, 2022, 01:16:32 PM »
A few days ago I noticed plenty of email messages denied by the system in /var/log/maillog; the system has gone wild.
zen.spamhaus.org in combination with the postfix configuration marked some incoming email servers as blacklisted servers; some of them weren't on the Spamhaus list at all.

I tested some IP addresses there:
https://check.spamhaus.org/

The postfix main.cf configuration hasn't been changed for months.
Maybe someone has more info about that problem? Is it a Spamhaus error/bug with false positive reporting, or is there anything wrong with the current system?


Example:
Code:
Aug 18 14:47:46 srv postfix/smtpd[32701]: NOQUEUE: reject: RCPT from example.mailserver.com[xxx.xxx.xxx.xxx]: 554 5.7.1 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using zen.spamhaus.org; from=<some.user@exampleserver.com> to=<someuser@exampleserver.com> proto=ESMTP helo=<example.mailserver.com>

Thank you,
BR.
« Last Edit: August 19, 2022, 01:30:23 PM by idovecer »

Re: zen.spamhaus.org or postfix or control web panel
« Reply #1 on: October 12, 2022, 11:36:57 AM »
Recently I installed a new server with CWP and have the same problem.

The problem only occurs when I build the mail server with the option: AntiSpam/AntiVirus (recommended).

When I do not check the box for this option and rebuild the mail server, email is running fine.

I also have another server running with CWP, I don't have that problem there.

The only difference between the two servers is the OS:
Server 1 (no problems): CentOS Linux release 7.9.2009 (Core)
Server 2 (with problems): CentOS Stream release 8

Did you find a solution for this problem?

Re: zen.spamhaus.org or postfix or control web panel
« Reply #2 on: November 14, 2022, 05:10:06 PM »
After experiencing the same issue, I was able to rebuild the server with the AntiSpam/AntiVirus option checked so long as I manually disabled zen.spamhaus.org in the postfix main.cf:

smtpd_sender_restrictions = ... remove reject_rbl_client zen.spamhaus.org

This is due to a change in how Spamhaus provides this service. They now use Spamhaus DQS. See this for reference: https://www.spamhaus.org/returnc/pub/3.101.145.207. You have to sign up for the free service and change your postfix configuration to use a custom endpoint for reject_rbl_client. There are some additional lookup services that they provide as well that can be added to the postfix configuration. Everything works as expected after updating using their instructions and the use of the Spamhaus service is restored.

I reached out to CWP tech support about it and they are aware of the issue.
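
A diagnostic for the symptom in this thread, added here as an example and not part of any post: Spamhaus's public mirrors answer with error codes in 127.255.255.0/24 (instead of listing codes in 127.0.0.0/24) when they refuse a query, and a bare `reject_rbl_client zen.spamhaus.org` treats any A record as a match, so an error code rejects every client even when the address is clean on check.spamhaus.org. The function names are hypothetical, the code meanings are taken from Spamhaus's published return codes, and a DQS zone can be passed as `zone` in the form `<your-key>.zen.dq.spamhaus.net` (placeholder key).

```python
import ipaddress
import socket

# Answers in 127.0.0.0/24 are real ZEN listings (SBL/CSS/XBL/PBL);
# answers in 127.255.255.0/24 are error codes, not listings.
ERROR_CODES = {
    "127.255.255.252": "typo in DNSBL zone name",
    "127.255.255.254": "query arrived via a public/open resolver",
    "127.255.255.255": "excessive number of queries",
}

def dnsbl_name(ip, zone="zen.spamhaus.org"):
    """Build the DNSBL query name: reversed octets (IPv4) or nibbles (IPv6)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))
    else:
        labels = reversed(addr.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone

def classify(answers):
    """Classify the A records returned for one DNSBL query."""
    if not answers:
        return ("not_listed", [])
    errors = [ERROR_CODES.get(a, "unknown error code") for a in answers
              if a.startswith("127.255.255.")]
    if errors:
        return ("lookup_error", errors)
    if all(a.startswith("127.0.0.") for a in answers):
        return ("listed", sorted(answers))
    return ("unexpected", sorted(answers))

def check(ip, zone="zen.spamhaus.org"):
    """Live lookup through the system resolver (needs network access)."""
    try:
        answers = socket.gethostbyname_ex(dnsbl_name(ip, zone))[2]
    except OSError:  # NXDOMAIN (not listed) or a local resolver failure
        answers = []
    return classify(answers)

if __name__ == "__main__":
    # 127.0.0.2 is the standard DNSBL test address and should be "listed".
    # "lookup_error" here means every client gets rejected by a bare
    # reject_rbl_client rule, which matches the behaviour in this thread.
    print(check("127.0.0.2"))
```

Run it on the mail server itself so the query uses the same resolver as postfix. Postfix also accepts a return-code filter on the rule, `reject_rbl_client zen.spamhaus.org=127.0.0.[2..11]`, which keeps error codes from being treated as listings.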

Re: zen.spamhaus.org or postfix or control web panel
« Reply #3 on: August 21, 2024, 10:10:39 PM »
Sorry for the bump in this thread, but I think this bump is better than opening another thread.

I migrated my server to another VPS a month and a half ago. Today I just realized that I was not receiving emails from outside of the domain itself... Investigating, I have seen that the problem lies in the blocking by zen.spamhaus.org.
On their own website there is an IP check; both IPv4 and IPv6 indicate that they are OK, but until I removed reject_rbl_client zen.spamhaus.org I did not receive emails from outside the domain.

And it is exactly the same as described in this thread:
The problem only occurs when I build the mail server with the option: AntiSpam/AntiVirus (recommended).

Tomorrow I will contact zen.spamhaus.org to see what solution they indicate according to what my colleague ccsinteractive says.

Greetings.

Re: zen.spamhaus.org or postfix or control web panel
« Reply #4 on: August 24, 2024, 08:28:17 PM »
Have you tried configuring it using their DQS service (with an API key)? I would test that scenario, too.

Re: zen.spamhaus.org or postfix or control web panel
« Reply #5 on: August 25, 2024, 11:30:05 AM »
Quote: "Have you tried configuring it using their DQS service (with an API key)? I would test that scenario, too."
No, not at the moment, I don't know how to do it.
I have contacted them but I haven't received a response yet.
At the moment, the solution has been to remove their entry in the main.cf file, but this is temporary. I hope they answer me, and I will see what they say.

Thanks for your reply.