Author Topic: zen.spamhaus.org or postfix or control web panel  (Read 944 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
zen.spamhaus.org or postfix or control web panel
« on: August 19, 2022, 01:16:32 PM »
Few days ago I noticed a plenty of email messages denied by system in /var/log/maillog, system gone wild.
Zen spamhaus  org in combination with postfix configuration marked some incoming email servers as blacklisted servers, some of them weren't on spamhaus list at all.

I tested some IP addresses there:
https://check.spamhaus.org/

Configuration of postfix main.cf wasn't changed for months.
Maybe anyone have more info about that problem? Is it spamhaus error/bug with false positive reporting or is there anything with the current system?


Example:
Code: [Select]
Aug 18 14:47:46 srv postfix/smtpd[32701]: NOQUEUE: reject: RCPT from example.mailserver.com[xxx.xxx.xxx.xxx]: 554 5.7.1 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using zen.spamhaus.org; from=<some.user@exampleserver.com> to=<someuser@exampleserver.com> proto=ESMTP helo=<example.mailserver.com>

Thank you,
BR.
« Last Edit: August 19, 2022, 01:30:23 PM by idovecer »

Offline
*
Re: zen.spamhaus.org or postfix or control web panel
« Reply #1 on: October 12, 2022, 11:36:57 AM »
Recently I installed a new server with CWP and have the same problem.

The problem only occurs when I build the mail server with the option: AntiSpam/AntiVirus (recommended).

When I do not check the box for this option and rebuild de mailserver, email is running fine.

I also have another server running with CWP, I don't have that problem there.

The only difference between the two servers is the OS:
Server 1 (no problems): CentOS Linux release 7.9.2009 (Core)
Server 2 (with problems): CentOS Stream release 8

Did you find a solution for this problem?

Offline
*
Re: zen.spamhaus.org or postfix or control web panel
« Reply #2 on: November 14, 2022, 05:10:06 PM »
After experiencing the same issue, I was able to rebuild the server with the AntiSpam/AntiVirus option checked so long as I manually disabled zen.spamhaus.org in the postfix main.cf

smtpd_sender_restrictions = ... remove reject_rbl_client zen.spamhaus.org

This is due to a change in how Spamhaus provides this service. They now use Spamhaus DQS. See this for reference: https://www.spamhaus.org/returnc/pub/3.101.145.207. You have to sign up for the free service and change your postfix configuration to use a custom endpoint for reject_rbl_client. There are some additional lookup services that they provide as well that can be added to the postfix configuration. Everything works as expected after updating using their instructions and the use of the Spamhaus service is restored.

I reached out to CWP tech support about it and they are aware of the issue