LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   spamhaus.org The following addresses had permanent fatal errors (https://www.linuxquestions.org/questions/linux-security-4/spamhaus-org-the-following-addresses-had-permanent-fatal-errors-4175726991/)

mfoley 07-15-2023 09:30 PM
spamhaus.org The following addresses had permanent fatal errors
 
I'm a bit puzzled. I've been using the samba@lists.samba.org maillist for many years. Just now, I sent an email to this list but got the following:
Code:
The original message was received at Sat, 15 Jul 2023 16:46:08 -0400
from localhost [127.0.0.1]

  ----- The following addresses had permanent fatal errors -----
<samba@lists.samba.org>
    (reason: 550-blacklisted at zen.spamhaus.org)

  ----- Transcript of session follows -----
... while talking to lists-mx.samba.org.:
>>> RCPT To:<samba@lists.samba.org>
<<< 550-blacklisted at zen.spamhaus.org
<<< 550 https://www.spamhaus.org/query/ip/2603:6011:2d02:ee82:f66d:4ff:fe5f:ffd1
550 5.1.1 <samba@lists.samba.org>... User unknown
>>> DATA
<<< 503-All RCPT commands were rejected with this error:
<<< 503-blacklisted at zen.spamhaus.org
<<< 503-https://www.spamhaus.org/query/ip/2603:6011:2d02:ee82:f66d:4ff:fe5f:ffd1
<<< 503 valid RCPT command must precede DATA
I've checked spamhaus.org and neither lists.samba.org nor my sending address novatec-inc.com is listed. I even tried sending a message to the list admin rpenny@samba.org and got the same message.

I've received messages from this list/domain even after getting this reject on the send attempt.

Any idea what's going on? How can I get a spamhaus message when the domain(s) is/are not listed?

jayjwa 07-15-2023 10:19 PM
If you look at the link (as per your ip6 address), Spamhaus doesn't think you deserve the right to use email.

Quote:
This IP address range has been identified by Spamhaus as not meeting our policy for IP addresses permitted to deliver unauthenticated 'direct-to-mx' email to PBL users.

This listing is controlled by your Internet Service Provider (ISP), not Spamhaus.
Your ISP lists ranges of IP addresses that shouldn’t be sending email directly to the internet.

If you are not using normal email software but instead are running a mail server and you are the owner of a Static IP address in the range 2603:6010::/29 and you have a legitimate reason for operating a mail server on this IP, you can automatically remove (suppress) your static IP address from the PBL database.
Basically a PBL. They probably sunk your ip6 prefix into the PBL. They are a massively over-zealous blocklist provider that has been a thorn in the sides of many a postmaster, including myself, for years now. The only thing you can do at this point is complain to your ISP to try to get them to wrestle with Spamhaus to remove your address (I've never seen the "auto-removal" work) or refuse to interact with anyone using their draconian methods. This is a great case of the "cure" being worse than the disease; I blame them squarely for the decrement in usefullness of email. I'm sure my true feelings about them would violate the rules of this website so I'll say no more.

mfoley 07-16-2023 09:15 AM
Quote:
Originally Posted by jayjwa (Post 6442310)
If you look at the link (as per your ip6 address), Spamhaus doesn't think you deserve the right to use email.
Thanks for bringing my attention to the IPv6 address. This computer is a business/static IP (not home/dynamic) and all DNS recs, etc are IPv4, so I didn't really even pay attention to the IPv6 address. When I checked it on the spamhaus site the IPv6 address was indeed blacklisted. I did go through the auto-unlist process and it said I was unlisted. I tried resending my email and it went through.

Puzzling why the IPv6 address associated with this server got blacklist. My guess is that someone spoofed my address to send spam. I don't know why there is even an IPv6 address associated with this computer as I don't use that, but I suppose there is always a corresponding IPv6 for every IPv4 -- perhaps depending on the ISP. I did have to add this IPv6 address to my SPF record for gmail to not hate me so much.

Apparently only the samba.org mail server has checked spamhaus for me as this is the only message that has bounced. But, perhaps other recipients' mail has also been rejected but I didn't get a bounce notice.

Thanks - all is well now.


All times are GMT -5. The time now is 02:37 PM.