RBL checks false positive?

Bugs in eFa 4
Post Reply
zane93
Posts: 44
Joined: 08 Mar 2016 22:08

RBL checks false positive?

Post by zane93 »

I've had a big uptick in with my EFA is bouncing mail as openresolvers even though spamhause says they are not.
https://check.spamhaus.org/not_listed/? ... 45.209.214
https://check.spamhaus.org/not_listed/? ... .mtasv.net
https://mxtoolbox.com/SuperTool.aspx?ac ... n=toolpage

Any ideas what I can do here?

Code: Select all

May 23 20:20:01 exchedge postfix/smtpd[225587]: connect from outbyoip6.pod25.apne1.zdsys.com[103.151.192.6]
May 23 20:20:02 exchedge postfix/smtpd[225587]: Anonymous TLS connection established from outbyoip6.pod25.apne1.zdsys.com[103.151.192.6]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
May 23 20:20:03 exchedge postfix/smtpd[225587]: NOQUEUE: reject: RCPT from outbyoip6.pod25.apne1.zdsys.com[103.151.192.6]: 554 5.7.1 Service unavailable; Client host [103.151.192.6] blocked using zen.spamhaus.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/66.185.112.244; from=<support@plivo.zendesk.com> to=<mysers@myuser.com> proto=ESMTP helo=<outbyoip6.pod25.apne1.zdsys.com>
May 23 20:20:03 exchedge postfix/smtpd[225587]: disconnect from outbyoip6.pod25.apne1.zdsys.com[103.151.192.6] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8

Code: Select all

May 23 20:28:09 exchedge postfix/smtpd[226939]: connect from mta214a-ord.mtasv.net[104.245.209.214]
May 23 20:28:09 exchedge postfix/smtpd[226939]: Anonymous TLS connection established from mta214a-ord.mtasv.net[104.245.209.214]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
May 23 20:28:09 exchedge postfix/smtpd[226939]: NOQUEUE: reject: RCPT from mta214a-ord.mtasv.net[104.245.209.214]: 554 5.7.1 Service unavailable; Client host [104.245.209.214] blocked using zen.spamhaus.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/66.185.112.247; from=<pm_bounces@pm.mtasv.net> to=<myuser@mysers.com> proto=ESMTP helo=<mta214a-ord.mtasv.net>
May 23 20:28:09 exchedge postfix/smtpd[226939]: disconnect from mta214a-ord.mtasv.net[104.245.209.214] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
May 23 20:28:37 exchedge postfix/anvil[225588]: statistics: max connection rate 1/60s for (smtp:142.0.85.171) at May 23 20:18:37
May 23 20:28:37 exchedge postfix/anvil[225588]: statistics: max connection count 1 for (smtp:142.0.85.171) at May 23 20:18:37
May 23 20:28:37 exchedge postfix/anvil[225588]: statistics: max cache size 3 at May 23 20:18:42
mendark
Posts: 24
Joined: 03 Dec 2021 10:10

Re: RBL checks false positive?

Post by mendark »

Hello,
Please read this: https://www.spamhaus.org/returnc/pub/
But the problem is with your DNS, it's an open resolver.
zane93
Posts: 44
Joined: 08 Mar 2016 22:08

Re: RBL checks false positive?

Post by zane93 »

mendark wrote: 24 May 2022 08:17 Hello,
Please read this: https://www.spamhaus.org/returnc/pub/
But the problem is with your DNS, it's an open resolver.
My server used the EFA recursion option 4 then 10. So is the issue with the efa DNS Recursion servers that are being used?
mendark
Posts: 24
Joined: 03 Dec 2021 10:10

Re: RBL checks false positive?

Post by mendark »

So,
Test your efa server here: https://openresolver.com/ to see if it's open resolver or not.
zane93
Posts: 44
Joined: 08 Mar 2016 22:08

Re: RBL checks false positive?

Post by zane93 »

My server is not an open resolver. This problem keeps randomly coming and going. Any other ideas?

https://openresolver.com/ my server checks out just fine

Code: Select all

Jul  2 16:34:47 exchedge postfix/smtpd[8388]: NOQUEUE: reject: RCPT from mail-yw1-f182.google.com[209.85.128.182]: 554 5.7.1 Service unavailable; Client host [209.85.128.182] blocked using zen.spamhaus.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/2400:cb00:15:1024::ac45:41b7; from=<xxxxxx@gmail.com> to=<xxxxxxx@xxxxxxxx.com> proto=ESMTP helo=<mail-yw1-f182.google.com>
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: RBL checks false positive?

Post by shawniverson »

The problem here is not you but the remote party. Your server is merely finding the remote client in the rbl.
Post Reply