Spamhaus rejection for inbound messages

Community Support Mail
21

Yeah I run rebuild command and what I need to do next

22 
namei -mo /etc/exim4/domains/micro365vn.com/ip
ls -la /home/admin/
23

image
image1460×1157 87 KB

Here, bro

24

Unfortunately it didn’t fix all the perms. If you have a backup of user admin you could try to restore it.

25

I think the problem appears after Debian hard updates so let me try on my another VM to double-check all resistant. If the result does not change, I will notice you

1 Like
26

@sahsanu
I think the problem coming form both factors (exim & SpamHaus) :smiley:

image
image1054×811 55 KB

27 
grep -i 'rejected.*list' /etc/exim4/exim4.conf.template
exigrep '<= [email protected]' /var/log/exim4/mainlog --no-pager
dpkg -l | grep exim4
28

image
image1909×372 47.2 KB

2nd command line shows blank, bro
I tried with this one and here is the result

29

@sahsanu you left me behind, bro :sweat_smile: :sweat_smile:

30

I need to figure out how to fix the mess you did with perms.

By the way, show the output of this command:

cat -A /home/admin/conf/mail/micro365vn.com/ip

And execute this to try to fix the mail perms:

chmod 771 /home/admin/conf/mail/micro365vn.com
chmod 660 /home/admin/conf/mail/micro365vn.com/*
chown -R Debian-exim:mail /home/admin/conf/mail/micro365vn.com
chown -R dovecot:mail /home/admin/conf/mail/micro365vn.com/passwd
chown Debian-exim:mail /home/admin/conf/mail/micro365vn.com/accounts
chmod 770 /home/admin/mail/micro365vn.com
chown -R admin:mail /home/admin/mail/micro365vn.com

After that check if mails are sent.

And please, copy and paste the text, no screenshots.

Once you paste the output here in the forum, select the text and click on icon </> and it will be formatted so it is easily readable.

2 Likes
31

A post was split to a new topic: Rejected because [ip] in a black list at zen.spamhaus.org

32

Here is the result, bro

root@vn1:~# cat -A /home/admin/conf/mail/micro365vn.com/ip
103.188.167.***$
root@vn1:~# chmod 771 /home/admin/conf/mail/micro365vn.com && chmod 660 /home/admin/conf/mail/micro365vn.com/* && chown -R Debian-exim:mail /home/admin/conf/mail/micro365vn.com && chown -R dovecot:mail /home/admin/conf/mail/micro365vn.com/passwd && chown Debian-exim:mail /home/admin/conf/mail/micro365vn.com/accounts && chmod 770 /home/admin/mail/micro365vn.com && chown -R admin:mail /home/admin/mail/micro365vn.com
root@vn1:~# ls -l /home/admin/conf/mail/micro365vn.com
total 48
-rw-rw---- 1 Debian-exim mail   37 Sep 12 10:50 accounts
-rw-rw---- 1 Debian-exim mail    0 Sep 12 10:45 aliases
-rw-rw---- 1 Debian-exim mail    0 Sep 12 10:45 antispam
-rw-rw---- 1 Debian-exim mail    0 Sep 12 10:45 antivirus
-rw-rw---- 1 Debian-exim mail  210 Sep 12 10:59 apache2.conf
-rw-rw---- 1 Debian-exim mail  371 Sep 12 10:59 apache2.ssl.conf
-rw-rw---- 1 Debian-exim mail  916 Sep 12 10:45 dkim.pem
-rw-rw---- 1 Debian-exim mail    0 Sep 12 10:45 fwd_only
-rw-rw---- 1 Debian-exim mail   16 Sep 12 10:45 ip
-rw-rw---- 1 Debian-exim mail   26 Sep 12 10:50 limits
-rw-rw---- 1 Debian-exim mail  521 Sep 12 10:59 nginx.conf
-rw-rw---- 1 Debian-exim mail  159 Sep 12 10:54 nginx.conf_letsencrypt
-rw-rw---- 1 Debian-exim mail   45 Sep 12 10:59 nginx.forcessl.conf
-rw-rw---- 1 Debian-exim mail  843 Sep 12 10:59 nginx.ssl.conf
lrwxrwxrwx 1 Debian-exim mail   59 Sep 12 10:54 nginx.ssl.conf_letsencrypt -> /home/admin/conf/mail/micro365vn.com/nginx.conf_letsencrypt
-rw-rw---- 1 dovecot     mail  136 Sep 12 10:50 passwd
drw-rw---- 2 Debian-exim mail 4096 Sep 12 10:55 ssl
33

Did you check it?

34

After that, the mail server is quite not working anymore :frowning_face:
I can’t sign it in to Outlook or Gmail app (try on IMAP & POP3) and the roundcube is blank too

35 
chmod a+x /home/admin
chown admin:admin /home/admin
chmod a+x /home/admin/conf
chown root:root /home/admin/conf
chmod 751 /home/admin/conf/web
chmod 751 /home/admin/web
chmod 771 /home/admin/tmp
chown --no-dereference root:admin /home/admin/web
chmod 771 /home/admin/conf/dns
chown bind:bind /home/admin/conf/dns
chmod 751 /home/admin/mail
chmod 751 /home/admin/conf/mail
chmod 751 "/home/admin/web/micro365vn.com"
chown --no-dereference admin:admin /home/admin/web/micro365vn.com
chown -R admin:admin /home/admin/web/micro365vn.com/document_errors
chmod 551 /home/admin/web/micro365vn.com
chmod 551 /home/admin/web/micro365vn.com/stats
chmod 751 /home/admin/web/micro365vn.com/private
chown --no-dereference admin:www-data /home/admin/web/micro365vn.com/public_*html
chmod 640 /home/admin/conf/dns/micro365vn.com.db
chown root:bind /home/admin/conf/dns/micro365vn.com.db
chown bind:bind /home/admin/conf/dns/micro365vn.com.db
chmod 771 /home/admin/conf/mail/micro365vn.com
chmod 660 /home/admin/conf/mail/micro365vn.com/*
chmod 770 /home/admin/mail/micro365vn.com
chown -R Debian-exim:mail /home/admin/conf/mail/micro365vn.com
chown -R dovecot:mail /home/admin/conf/mail/micro365vn.com/passwd
chown Debian-exim:mail /home/admin/conf/mail/micro365vn.com/accounts
chown admin:mail /home/admin/mail/micro365vn.com
36

We don’t have /home/admin/conf in file directory, bro

root@vn1:~# chmod a+x /home/admin && chown admin:admin /home/admin && chmod a+x /home/admin/conf && chown root:root /home/admin/conf && chmod 751 /home/admin/conf/web && chmod 751 /home/admin/web && chmod 771 /home/admin/tmp && chown --no-dereference root:admin /home/admin/web && chmod 771 /home/admin/conf/dns && chown bind:bind /home/admin/conf/dns && chmod 751 /home/admin/mail && chmod 751 /home/admin/conf/mail && chmod 751 "/home/admin/web/micro365vn.com" && chown --no-dereference admin:admin /home/admin/web/micro365vn.com && chown -R admin:admin /home/admin/web/micro365vn.com/document_errors && chmod 551 /home/admin/web/micro365vn.com && chmod 551 /home/admin/web/micro365vn.com/stats && chmod 751 /home/admin/web/micro365vn.com/private && chown --no-dereference admin:www-data /home/admin/web/micro365vn.com/public_*html && chmod 640 /home/admin/conf/dns/micro365vn.com.db && chown root:bind /home/admin/conf/dns/micro365vn.com.db && chown bind:bind /home/admin/conf/dns/micro365vn.com.db && chmod 771 /home/admin/conf/mail/micro365vn.com && chmod 660 /home/admin/conf/mail/micro365vn.com/* && chmod 770 /home/admin/mail/micro365vn.com && chown -R Debian-exim:mail /home/admin/conf/mail/micro365vn.com && chown -R dovecot:mail /home/admin/conf/mail/micro365vn.com/passwd && chown Debian-exim:mail /home/admin/conf/mail/micro365vn.com/accounts && chown admin:mail /home/admin/mail/micro365vn.com
chmod: changing permissions of '/home/admin/conf': Operation not permitted
root@vn1:~# ls -la /home/admin/conf
total 16
drwxr-xr-x   4 root  root  4096 Aug 18 12:37 .
drwxr-xr-x+ 13 admin admin 4096 Sep 12 13:00 ..
drwxr-x--x   6 admin admin 4096 Sep 12 10:45 mail
drwxr-x--x   7 admin admin 4096 Sep 12 10:52 web
37

That’s ok, no problem.

Now, it works? Are you seeing the same error in exim’s log when trying to receive a mail for micro365vn.com?

38

Btw, after I run ton of commands. The File Manager does not work anymore :frowning:

image
image1244×375 13.9 KB

39

Right now I don’t care about file manager, what about the mails?

40

I think we have some new issues here

root@vn1:~# exigrep '[email protected]' /var/log/exim4/mainlog* --no-pager
2024-09-14 09:56:14 H=mail-tyzapc01on2110.outbound.protection.outlook.com (APC01-TYZ-obe.outbound.protection.outlook.com) [40.107.117.110] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 10:11:43 H=mail-sgaapc01on2101.outbound.protection.outlook.com (APC01-SG2-obe.outbound.protection.outlook.com) [40.107.215.101] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 10:30:33 H=mail-tyzapc01on2127.outbound.protection.outlook.com (APC01-TYZ-obe.outbound.protection.outlook.com) [40.107.117.127] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 11:30:16 H=mail-psaapc01on2092.outbound.protection.outlook.com (APC01-PSA-obe.outbound.protection.outlook.com) [40.107.255.92] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 12:30:32 H=mail-psaapc01on2097.outbound.protection.outlook.com (APC01-PSA-obe.outbound.protection.outlook.com) [40.107.255.97] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 13:30:00 H=mail-tyzapc01on2091.outbound.protection.outlook.com (APC01-TYZ-obe.outbound.protection.outlook.com) [40.107.117.91] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 14:29:14 H=mail-psaapc01on2093.outbound.protection.outlook.com (APC01-PSA-obe.outbound.protection.outlook.com) [40.107.255.93] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 15:30:14 H=mail-tyzapc01on2115.outbound.protection.outlook.com (APC01-TYZ-obe.outbound.protection.outlook.com) [40.107.117.115] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 16:29:53 H=mail-psaapc01on2090.outbound.protection.outlook.com (APC01-PSA-obe.outbound.protection.outlook.com) [40.107.255.90] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 17:30:28 H=mail-tyzapc01on2095.outbound.protection.outlook.com (APC01-TYZ-obe.outbound.protection.outlook.com) [40.107.117.95] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 18:31:08 H=mail-psaapc01on2131.outbound.protection.outlook.com (APC01-PSA-obe.outbound.protection.outlook.com) [40.107.255.131] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host

2024-09-14 19:30:15 H=mail-tyzapc01on2097.outbound.protection.outlook.com (APC01-TYZ-obe.outbound.protection.outlook.com) [40.107.117.97] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> rejected RCPT <[email protected]>: Rejected because 40.107.117.97 is in a black list at SpamHaus

2024-09-14 21:04:51 H=mail-psaapc01on2091.outbound.protection.outlook.com (APC01-PSA-obe.outbound.protection.outlook.com) [40.107.255.91] X=TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_128_GCM:128 CV=no SNI=mail.micro365vn.com F=<[email protected]> temporarily rejected RCPT <[email protected]>: lowest numbered MX record points to local host