My problem started basically as a duplicate of this issue where I was using a public DNS resolver on my system. I’ve since resolved that by setting
dns_server * to a much less used DNS server provided by my cloud service in my
local.cf. I’ve additionally tested against blacklists to confirm the behavior seems to be as expected now and isn’t giving me any obvious errors.
However, I’m still getting a large amount of email being bounced because of listings on blacklists. When I check the blacklists, both through
dig and through mx toolbox, they usually show up on one or two blacklists, when they are typically legit senders (things like credit card invoices, iCloud hide my email relays, purchase receipts, as well as some newsletters that were actually signed up for, etc). This is in stark comparison from senders that are very spam oriented and show up on several, if not all blacklists.
Did something change in Hestia’s defaults recently? Or SpamAssassin had an update that changed its scoring? Is anyone else experiencing this from legit sources? I believe this to be a relatively recent development.
Here’s an example from my rejection log:
I haven’t done anything to change the default Hestia settings in regards to mail filtering, though I have added some
trusted_networks lines to my
local.cf as a response to this recent event, but I feel like that’s more of a bandaid solution than a real fix.
Might there be a way to change these dns blacklists to only increase the spam score instead of just a binary approach?