Mark, Replying off list to see if we can figure out what is going on.
On 7/15/2021 7:29 AM, Mark Milhollan via mailop wrote: > Spamhaus has been working fine for me and has been a wonderful > resource for many years, but I recently decided I had to disable using > them on my personal, low volume mail server because of a few recent > surprises (that's right, I don't look at Spamhaus rejects, timestamps > are UTC): > > Jul 10 22:20:34 mm-new smtpd[28996]: NOQUEUE: reject: RCPT from > s0.eburgsquare.com[104.223.145.19]: 554 5.7.1 Service unavailable; > Unverified Client host [s0.eburgsquare.com] blocked using > dbl.spamhaus.org; > https://www.spamhaus.org/query/domain/eburgsquare.com; > from=<webmaster1...@eburgsquare.com> to=<[elided]@milhollan.com> > proto=ESMTP helo=<s0.eburgsquare.com> > Jul 13 21:59:33 mm-new smtpd[20435]: NOQUEUE: reject: RCPT from > liaoningosaurus.mktdns.com[192.28.148.54]: 554 5.7.1 Service > unavailable; Client host [192.28.148.54] blocked using > sbl-xbl.spamhaus.org; > from=<733-ksk-625.0.175526.0.0.16914.9.10824...@email1.digium.com> > to=<[elided]@milhollan.com> proto=ESMTP helo=<email1.digium.com> > Jul 14 00:13:04 mm-new smtpd[22318]: NOQUEUE: reject: RCPT from > mail-ej1-f68.google.com[209.85.218.68]: 554 5.7.1 Service unavailable; > Client host [209.85.218.68] blocked using sbl-xbl.spamhaus.org; > from=<microsoftsubscription99...@gmail.com> > to=<[elided]@milhollan.com> proto=ESMTP helo=<mail-ej1-f68.google.com> > Jul 14 15:25:30 mm-new smtpd[3627]: NOQUEUE: reject: RCPT from > gk-w94-email.usps.gov[56.0.84.94]: 554 5.7.1 Service unavailable; > Client host [56.0.84.94] blocked using sbl-xbl.spamhaus.org; > from=<uspsinformeddeliv...@informeddelivery.usps.com> > to=<[elided]@milhollan.com> proto=ESMTP helo=<gk-w94-email.usps.gov> > Jul 14 22:37:33 mm-new smtpd[10015]: NOQUEUE: reject: RCPT from > my-mail.splashtop.com[34.208.80.28]: 554 5.7.1 Service unavailable; > Client host [34.208.80.28] blocked using sbl-xbl.spamhaus.org; > from=<no-re...@my-mail.splashtop.com> to=<[elided]@milhollan.com> > proto=ESMTP helo=<my-mail.splashtop.com> > Jul 15 06:17:18 mm-new smtpd[14530]: NOQUEUE: reject: RCPT from > mta0.tedlarbagsale.com[134.73.145.18]: 554 5.7.1 Service unavailable; > Unverified Client host [mta0.tedlarbagsale.com] blocked using > dbl.spamhaus.org; > https://www.spamhaus.org/query/domain/tedlarbagsale.com; > from=<webmaster4...@tedlarbagsale.com> to=<[elided]@milhollan.com> > proto=ESMTP helo=<mta0.tedlarbagsale.com> > Jul 15 10:00:11 mm-new smtpd[3294]: NOQUEUE: reject: RCPT from > mx.mailop.org[91.132.147.157]: 554 5.7.1 Service unavailable; Client > host [91.132.147.157] blocked using sbl-xbl.spamhaus.org; > from=<mailop-boun...@mailop.org> to=<[elided]@milhollan.com> > proto=ESMTP helo=<mx.mailop.org> > > Both DBL rejections look to be spam. But all but 1 of these SBL-XBL > rejections were non-spam (I know those senders and want their > messages) so for me are false-positives -- the Gmail rejection looks > like spam (I don't know that sender). 16 rejections (9 good > rejections not shown) between Jul 10 00:00Z and Jul 15 10:20Z, 4 of > which were not appropriate makes for a not good ratio. > > Manually checking the SBL-XBL rejections on the mail server shortly > after the last rejection yielded null/NXDOMAIN responses via DNS using > getent/dig and showed "no issues" via the Spamhaus web site reputation > center. I use my own local resolver (unbound 1.13.1) with no > forwarders configured. > > > /mark > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
