Hello! Sorry for posting, I have the same problem. I have a production environment, this error occurred today or a few days ago. Since I didn’t set anything on the server, I don’t know why this happened. Then I installed 2 debian servers and installed the fresh hestiacp:bash hst-install.sh --apache yes --phpfpm yes --multiphp yes --proftpd yes --named yes --mysql yes --exim yes – dovecot yes --clamav yes --sieve yes --spamassassin yes --iptables yes --fail2ban yes --api yes --interactive yes
and everything is still marked as spam by zen.spamhaus.org. gmail and other email addresses, only internal emails are received.
Since I had an older backup, since the systems are split into lxc, I looked into the backup, but zen.spamhaus.org was also there, maybe it has become paid and can no longer be used? Or what’s the problem?
gmail.com:
2024-09-13 19:56:13 H=mail-qk1-f182.google.com [209.85.222.182] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.myservertest.host.eu F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 209.85.222.182 is in a black list at zen.spamhaus.org
2024-09-13 19:58:33 H=mail-pg1-f181.google.com [209.85.215.181] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.myservertest.host.eu F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 209.85.215.181 is in a black list at zen.spamhaus.org
2024-09-13 20:29:02 H=mail-oa1-f47.google.com [209.85.160.47] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.myservertest.host.eu F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 209.85.160.47 is in a black list at zen.spamhaus.org
2024-09-13 19:46:02 H=mail-qt1-f178.google.com [209.85.160.178] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.myservertest.host.eu F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 209.85.160.178 is in a black list at zen.spamhaus.org
another:
2024-09-13 19:48:12 H=fmfe28.freemail.hu (web-out.onbox.hu) [46.107.16.233] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 46.107.16.233 is in a black list at zen.spamhaus.org
2024-09-13 19:50:16 H=fmfe28.freemail.hu (web-out.onbox.hu) [46.107.16.233] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 46.107.16.233 is in a black list at zen.spamhaus.org
But this is the case with any service provider, only internal correspondence works.
curl -sSL https://7j.gg/chksph2 | bash -s --
Test 01: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 02: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 03: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 04: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 05: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 06: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 07: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 08: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 09: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Test 10: Error: open resolver; https://check.spamhaus.org/returnc/pub/172.68.224.71/
Result is bad, Spamhaus is blocking/ignoring your current DNS Resolver 1.0.0.1{}
product server:
curl -sSL https://7j.gg/chksph2 | bash -s --
Test 01: Request ignored by Spamhaus or DNS Resolver timed out
Test 02: Request ignored by Spamhaus or DNS Resolver timed out
Test 03: Request ignored by Spamhaus or DNS Resolver timed out
Test 04: Request ignored by Spamhaus or DNS Resolver timed out
Test 05: Request ignored by Spamhaus or DNS Resolver timed out
Test 06: Request ignored by Spamhaus or DNS Resolver timed out
Test 07: Request ignored by Spamhaus or DNS Resolver timed out
Test 08: Request ignored by Spamhaus or DNS Resolver timed out
Test 09: Request ignored by Spamhaus or DNS Resolver timed out
Test 10: Request ignored by Spamhaus or DNS Resolver timed out
Result is bad, Spamhaus is blocking/ignoring your current DNS Resolver 8.8.8.8{}
I tried the following name servers: 8.8.8.8,8.8.4.4,1.0.0.1,1.1.1.1
But it doesn’t work at all.
However, 8.8.8.8 and 8.8.4.4 were always set on the production server.
If you use Google DNS servers; 8.8.8.8 and 8.8.4.4, Spamhaus will ignore the requests so it is like if you dont’ use the Spamhaus block list. But using them, the received mails shouldn’t be rejected.
If you use Cloudflare DNS servers; 1.1.1.1 and 1.0.0.1, all the mails sent to your server will be rejected.
Change your DNS Servers for others not blocked/ignored by Spamhaus like:
76.76.2.0
76.76.10.0
If you still want to use Google or Cloudflare DNS servers, follow this doc:
Thanks, can you tell, when did it change? Because it would be nice to know how long the correspondence has been going on. We rarely receive letters, so it would be nice to know. Thanks.
I don’t know when they introduced 1.1.1.1 in the list of open resolvers and as far as I know Spamhaus doesn’t share the list of blocked public resolvers). 8.8.8.8 is in the list but they don’t block it, just don’t answer at all.
I know this is probably considered an old post now, but had this same issue.
Even with my DNS resolver set to 8.8.8.8 and getting:
root@andrew:/var/log/exim4# curl -sSL https://7j.gg/chksph2 | bash -s --
Test 01: Request ignored by Spamhaus or DNS Resolver timed out
Test 02: Request ignored by Spamhaus or DNS Resolver timed out
Test 03: Request ignored by Spamhaus or DNS Resolver timed out
Test 04: Request ignored by Spamhaus or DNS Resolver timed out
Test 05: Request ignored by Spamhaus or DNS Resolver timed out
Test 06: Request ignored by Spamhaus or DNS Resolver timed out
Test 07: Request ignored by Spamhaus or DNS Resolver timed out
Test 08: Request ignored by Spamhaus or DNS Resolver timed out
Test 09: Request ignored by Spamhaus or DNS Resolver timed out
Test 10: Request ignored by Spamhaus or DNS Resolver timed out
Result is bad, Spamhaus is blocking/ignoring your current DNS Resolver 8.8.8.8{}
It was still blocking me, I had to actually modify the /etc/exim4/dnsbl.conf file and put a # in front of zen.spamhaus.org for it to stop.
Yes, Spamhaus is not blocking the requests when using 8.8.8.8 as DNS resolver but it is ignoring all the requests. Use these DNS resolvers and you should be fine: 76.76.2.0 and 76.76.10.0
I am having this same issue with my shared hoster, where my main domain is. My emails are getting rejected cause of this, and spamhaus is not willing to unblock my domain. The DNS resolver is basically blacklisted, and every domain under that is too. I am trying to get my adamant provider to change the resolver.
BTW, I learnt something odd. Most shared hosting has a lot of pro*****tion and po** domains listed. Hence, the blacklist too.
I know. I tried that several times. After not able to having it resolved, I am moving it out of their hosting. Waste of 5 years of money.
Lessons learnt.