All inbound emails get Spamassassin'ed (even Google's?!)

Hi there,

I have noticed that I wasn’t receiving emails anymore, so I tested my inbox with my google account and sure enough: nothing. A day later Google bounced back with a error message, stating that my server rejected the email based bc the IP was on a blacklist. Weird, I though, but ok let’s ask some pals to try it as well (using their own email boxes as well as their icloud mail boxes) and they all bounced as well. I don’t get it at all, because it somehow finds all their IP on zen.spamhaus’es blacklist?

Any idea what could have gone wrong here? This surely can’t be expected behaviour. The only thing that I have edited in the configs is 2 lines in the exim4 config to force report the outbound emails as coming from my hostname so it lines up with the PTR records (smtp_active_hostname).

Thanks in advance!

Spamhaus doesn’t allow their lists to be queried via public DNS resolvers. They helpfully communicate this with those who violate their policy by returning every query as being in the blocklist. You will need to adjust how you access their lists to comply with their terms.

Suggestions on how to do that in a non-public dns resolvers way? I found on another thread that someone suggested just yeeting spamhaus from the dnsbl conf altogether, but that doesn’t resonate with me.

The linked article in my previous reply covers all of the options in detail.

Alright so I did the following:

  1. Decided I wanted to keep using public recursive DNS’es, so getting a spamhaus free DQS account was necessary: did that, got an activated account etc.
  2. Looked at their setup steps for Spamassassin: GitHub - spamhaus/spamassassin-dqs: Spamhaus code for the Spamassassin plugin. See . I don’t have HBL so I did the non-HBL steps.
  3. Checked the configuration steps using spamassassin --lint, no errors.
  4. Rebooted the server to make sure the DQS setup was locked and loaded.
  5. Checked one of the emails on
C: <Establish TCP connection>
S: 220 [redacted]
S: 250-[redacted] Hello []
S: 250-SIZE 52428800
S: 250 HELP
C: MAIL FROM:<[email protected]>
S: 250 OK
C: RCPT TO:<[redacted]>
S: 550-Rejected because is in a black list at
S: 550 Error: excess volume;
S: 221 [redacted] closing connection
C: <Close TCP connection>

This to me tells me that the whole DQS setup just isn’t working.

You should edit exim conf, take a look to this doc


This totally fixed it. Should I undo the spamhaus stuff I did with spamassassin?

There is no need to undo that, it can help to fight the spam on your server so if it works fine, I see no reason to remove it.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.