Emails received are rejected

abhelou · October 28, 2025, 1:32pm

Hello

I have an issue with mails server. all incoming emails are being rejected
Rejected because 209.85.210.45 is in a black list at ``zen.spamhaus.org

/etc/systemd/resolved.conf

[Resolve]
DNS=76.76.2.0 76.76.10.0

curl -fsSL https://7j.gg/chksph2 | bash -s –

root@panel:/home/ubuntu# curl -fsSL https://7j.gg/chksph2 | bash -s --
Test 01: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 02: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 03: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 04: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 05: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 06: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 07: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 08: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 09: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 10: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4

Result is good, Spamhaus works fine with your current DNS Resolver 127.0.0.53

any suggestion ?

abhelou · October 28, 2025, 1:37pm

i tried to reboot server. after reboot im getting dns resolver timeout

root@panel:/home/ubuntu# curl -fsSL https://7j.gg/chksph2 | bash -s --
Test 01: Request ignored by Spamhaus or DNS Resolver timed out
Test 02: Request ignored by Spamhaus or DNS Resolver timed out
Test 03: Request ignored by Spamhaus or DNS Resolver timed out
Test 04: Request ignored by Spamhaus or DNS Resolver timed out
Test 05: Request ignored by Spamhaus or DNS Resolver timed out
Test 06: Request ignored by Spamhaus or DNS Resolver timed out
Test 07: Request ignored by Spamhaus or DNS Resolver timed out
Test 08: Request ignored by Spamhaus or DNS Resolver timed out
Test 09: Request ignored by Spamhaus or DNS Resolver timed out
Test 10: Request ignored by Spamhaus or DNS Resolver timed out

Result is bad, Spamhaus is blocking/ignoring your current DNS Resolver 127.0.0.53{}
root@panel:/home/ubuntu# resolvectl status
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub
Current DNS Server: 76.76.2.0
       DNS Servers: 76.76.2.0 76.76.10.0

Link 2 (enp0s6)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 169.254.169.254
       DNS Servers: 169.254.169.254
        DNS Domain: abdo.oraclevcn.com

Link 3 (docker0)
    Current Scopes: none
         Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

nu01 · October 28, 2025, 1:42pm

Check first via curl -sSL ``https://7j.gg/chksph2`` | bash -s --

Then apply a different resolver as stated:

abhelou · October 28, 2025, 1:47pm

root@panel:/home/ubuntu# curl -fsSL https://7j.gg/chksph2 | bash -s --
Test 01: Request ignored by Spamhaus or DNS Resolver timed out
Test 02: Request ignored by Spamhaus or DNS Resolver timed out
Test 03: Request ignored by Spamhaus or DNS Resolver timed out
Test 04: Request ignored by Spamhaus or DNS Resolver timed out
Test 05: Request ignored by Spamhaus or DNS Resolver timed out
Test 06: Request ignored by Spamhaus or DNS Resolver timed out
Test 07: Request ignored by Spamhaus or DNS Resolver timed out
Test 08: Request ignored by Spamhaus or DNS Resolver timed out
Test 09: Request ignored by Spamhaus or DNS Resolver timed out
Test 10: Request ignored by Spamhaus or DNS Resolver timed out

Result is bad, Spamhaus is blocking/ignoring your current DNS Resolver 127.0.0.53{}
root@panel:/home/ubuntu# resolvectl status
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub
Current DNS Server: 76.76.2.0
       DNS Servers: 76.76.2.0 76.76.10.0

Link 2 (enp0s6)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 169.254.169.254
       DNS Servers: 169.254.169.254
        DNS Domain: abdo.oraclevcn.com

Link 3 (docker0)
    Current Scopes: none
         Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

nu01 · October 28, 2025, 1:53pm

Restart the service once. Then retry.

abhelou · October 28, 2025, 2:15pm

still same

root@panel:/# curl -sSL ``https://7j.gg/chksph2`` | bash -s --
Test 01: Request ignored by Spamhaus or DNS Resolver timed out
Test 02: Request ignored by Spamhaus or DNS Resolver timed out
Test 03: Request ignored by Spamhaus or DNS Resolver timed out
Test 04: Request ignored by Spamhaus or DNS Resolver timed out
Test 05: Request ignored by Spamhaus or DNS Resolver timed out
Test 06: Request ignored by Spamhaus or DNS Resolver timed out
Test 07: Request ignored by Spamhaus or DNS Resolver timed out
Test 08: Request ignored by Spamhaus or DNS Resolver timed out
Test 09: Request ignored by Spamhaus or DNS Resolver timed out
Test 10: Request ignored by Spamhaus or DNS Resolver timed out

Result is bad, Spamhaus is blocking/ignoring your current DNS Resolver 127.0.0.53{}

nu01 · October 28, 2025, 2:18pm

Show me the resolv.cong file contents

nano /etc/resolv.conf

abhelou · October 28, 2025, 2:19pm


# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0 trust-ad
search abdo.oraclevcn.com

sahsanu · October 28, 2025, 2:19pm

The issue here is that your server is using cloud-init and name servers for your interface enp0s6 are being overrided. You should edit the conf file /etc/netplan/50-cloud-init.yaml and modify the nameservers for your enp0s6 interface.

            nameservers:
                addresses:
                    - 76.76.2.0
                    - 76.76.10.0

Once done, restart the server or apply the conf:

netplan apply

nu01 · October 28, 2025, 2:20pm

Sorry, if I gave wrong answer previously.

abhelou · October 28, 2025, 2:22pm

root@panel:/# cat /etc/netplan/50-cloud-init.yaml
network:
  version: 2
  ethernets:
    enp0s6:
      match:
        macaddress: "02:00:17:02:97:94"
      dhcp4: true
      set-name: "enp0s6"
      mtu: 9000

no nameservers, should i add it ?

sahsanu · October 28, 2025, 2:25pm

Yes, replace current conf with this:

network:
  version: 2
  ethernets:
    enp0s6:
      match:
        macaddress: "02:00:17:02:97:94"
      dhcp4: true
      set-name: "enp0s6"
      mtu: 9000
      dhcp4-overrides:
        use-dns: false
      nameservers:
        addresses:
          - 76.76.2.0
          - 76.76.10.0

abhelou · October 28, 2025, 2:28pm

it’s okay, we’re all here to learn and help

abhelou · October 28, 2025, 2:28pm

thank you, working now