Hello Hestia community!
It’s been a while since my last post, although I’m still here reading threads. Anyway, I did a quick search in this forum for the issue I’m facing, but I don’t see it mentioned anywhere. So here it is…
Quick issue description
I have configured one of my Hestia servers to accept email for a specific domain (let’s call it mymail.com). The last few days, when other people send email to mymail.com, I see in /var/log/exim4/rejectlog quite a few logs like these:

2021-10-19 11:22:10 H=mail-oln040092073030.outbound.protection.outlook.com (EUR04-HE1-obe.outbound.protection.outlook.com) [220.127.116.11] X=TLS1.2:ECDHE_SECP384R1__RSA_SHA256__AES_256_GCM:256 CV=no SNI="mail.mymail.com" F=<[user-redacted]@outlook.com> rejected RCPT <[email protected]>: Rejected because 18.104.22.168 is in a black list at zen.spamhaus.org

2021-10-19 11:39:42 H=o1.email.wetransfer.com [22.214.171.124] X=TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI="mail.mail.com" F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 126.96.36.199 is in a black list at zen.spamhaus.org

2021-10-19 11:40:39 H=o3.email.wetransfer.com [188.8.131.52] X=TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI="mail.mail.com" F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 184.108.40.206 is in a black list at zen.spamhaus.org

When I check the IP(s) at SPAMHAUS it always comes clean with no issues.
Just to clarify a bit more: My mail server is rejecting other people’s emails. The senders are getting a delivery error report, telling them that my server rejected their message(s).
It seems that the issue happens only for incoming mail from:
- Microsoft (Live, Hotmail, Outlook.com, Office365, etc)
…but that might just be by chance!
- Is it possible that the query to zen.spamhaus.org fails for whatever reason (e.g. connectivity or load issues) and that failure is interpreted as an actual Reject?
- Could it be that the blocked IP address(es) was indeed in the zen blacklist, but it was removed by the time I checked?
- Is it possible to whitelist senders’ email addresses? Does the /etc/exim4/white-blocks.conf hold only hosts/IPs, or can it hold email addresses as well?
How to handle?
I understand that this might not be directly related to Hestia, but any idea how to handle this would be highly appreciated.
For the time being, I commented out the zen.spamhaus.org entry inside /etc/exim4/dnsbl.conf and restarted exim4. By doing this, I expect that incoming email will not be checked against the zen blacklist. But this is not an actual solution.
Contents of dnsbl.conf
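
An added diagnostic for the first question in the post (not part of the original post and not Hestia's or Exim's own code): it pulls the rejected IPs out of rejectlog text, repeats the DNSBL lookup through the mail server's own resolver, and separates real listings from Spamhaus's documented error answers in 127.255.255.0/24, which a bare Exim `dnslists` entry treats as a listing because any returned address counts as a match. The sample log lines and all function names are constructed for illustration; the live lookup in `check()` needs network access.

```python
import ipaddress
import re
import socket

# Constructed sample lines in the rejectlog format shown above (documentation IPs).
SAMPLE_LOG = """\
2021-10-19 11:22:10 H=mail.example.net [192.0.2.10] F=<a@example.net> rejected RCPT <b@example.org>: Rejected because 192.0.2.10 is in a black list at zen.spamhaus.org
2021-10-19 11:39:42 H=mx.example.com [198.51.100.7] F=<c@example.com> rejected RCPT <b@example.org>: Rejected because 198.51.100.7 is in a black list at zen.spamhaus.org
"""

REJECT_RE = re.compile(r"Rejected because (\S+) is in a black list at (\S+)")

def rejected_pairs(log_text):
    """Return unique (ip, dnsbl_zone) pairs from rejectlog text, in order seen."""
    pairs = []
    for match in REJECT_RE.finditer(log_text):
        if match.groups() not in pairs:
            pairs.append(match.groups())
    return pairs

def query_name(ip, zone):
    """Build the DNSBL lookup name: reversed IPv4 octets followed by the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def classify(answer):
    """Interpret a DNSBL A-record answer; None stands for NXDOMAIN."""
    if answer is None:
        return "not listed"
    addr = ipaddress.IPv4Address(answer)
    # Spamhaus error codes (e.g. query via a public resolver, query limit hit).
    if addr in ipaddress.ip_network("127.255.255.0/24"):
        return "lookup error (not a listing)"
    if addr in ipaddress.ip_network("127.0.0.0/24"):
        return "listed"
    return "unexpected answer"

def check(ip, zone):
    """Live lookup through this host's resolver, as the mail server would do it."""
    try:
        return classify(socket.gethostbyname(query_name(ip, zone)))
    except socket.gaierror as err:
        return classify(None) if err.errno == socket.EAI_NONAME else "resolver failure"

if __name__ == "__main__":
    for ip, zone in rejected_pairs(SAMPLE_LOG):
        print(ip, zone, check(ip, zone))
```

Run it on the mail server itself, since the answer depends on which resolver forwards the query.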