Jun 23, 2022, 03:22 AM

TDSko

Just a quick note about the Spamhaus RBL. Noticed a decrease in the amount of overall mail being received, and wasn't terribly concerned until I had a client call and ask why their email was being rejected by my mail server.
Went through the logs, and it turns out over the past few days Spamhaus had been blocking "open relay" servers. The servers being blocked included Cloudflare and Gmail; apparently all of them. No email originating from either source was getting through.

May wish to check your mail logs if using Spamhaus, in case this is causing issues for you as well.


Considering Gmail stopped accepting/processing spam complaints a while back (i.e., hence why Spamcop made a specific address denoting this for Google), I wouldn't be surprised to see chunks of Gmail's IP space getting blocked by other RBLs over time.


I had a similar problem on my servers. When receiving messages from some senders like Google/Microsoft, the messages were blocked by the RBL. The strange thing is that some sender IPs are not included in any blacklist.

To partially solve it, we put the Google/Microsoft IPs in the RBL whitelist option (Exim configuration) and removed the Cloudflare and Google resolvers. (This second tip was passed on by the cPanel people, via ticket.)

An example of the error:

"JunkMail Rejected - [***.***.***.***]:39718 is in an RBL:"


I've stopped using Spamhaus since it was deleting almost all of my emails; it seems like it is blocking servers randomly. The same happened with the Cloudflare resolvers.
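
Added example, not part of any post in this thread: two posts above mention removing the Cloudflare and Google resolvers. Spamhaus documents answers in 127.255.255.0/24 as error codes rather than listings (127.255.255.254 means the query arrived via a public/open resolver), so a check that treats any answer as a hit rejects senders that are not listed. The sketch below separates the two cases; the function names and sample lookups are constructed for illustration.

```python
import ipaddress

# Answers Spamhaus documents as errors, not listings (values taken from its
# public return-code documentation, not from this thread).
ERROR_CODES = {
    "127.255.255.252": "typing error in DNSBL name",
    "127.255.255.254": "query via public/open resolver",
    "127.255.255.255": "excessive number of queries",
}
LISTING_NET = ipaddress.ip_network("127.0.0.0/24")  # zen listing codes live here


def dnsbl_query_name(sender_ip, zone="zen.spamhaus.org"):
    """Name an MTA looks up for an IPv4 sender: reversed octets + zone."""
    octets = str(ipaddress.IPv4Address(sender_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def classify_answer(a_records):
    """Map the A records of one DNSBL lookup to (verdict, detail)."""
    if not a_records:
        return ("clean", "no A record (NXDOMAIN)")
    errors = [ERROR_CODES[a] for a in a_records if a in ERROR_CODES]
    if errors:
        return ("error", "; ".join(errors))
    hits = [a for a in a_records if ipaddress.IPv4Address(a) in LISTING_NET]
    if hits:
        return ("listed", ", ".join(hits))
    return ("error", "unexpected answer outside 127.0.0.0/24")


def audit(lookups):
    """Return sender IPs an 'any answer means listed' check rejects wrongly."""
    return sorted(ip for ip, recs in lookups.items()
                  if recs and classify_answer(recs)[0] != "listed")


# Constructed sample data: documentation-range IPs, not real senders.
SAMPLE_LOOKUPS = {
    "192.0.2.10": ["127.255.255.254"],   # lookup went through a public resolver
    "198.51.100.7": ["127.0.0.4"],       # genuine listing code
    "203.0.113.25": [],                  # not listed
    "192.0.2.44": ["127.0.0.2", "127.0.0.10"],
}

if __name__ == "__main__":
    for ip, recs in SAMPLE_LOOKUPS.items():
        print(dnsbl_query_name(ip), classify_answer(recs))
    print("false rejections:", audit(SAMPLE_LOOKUPS))
```
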


Who are Spamhaus?
Spamhaus is allegedly a non-profit organization that maintains so-called "blacklists" of IP addresses from which spam and other cybercriminal actions are being sent. It is believed that in fact Spamhaus is located on the territory of the United States, and that the legal entity of that organization has been transferred to European offshore companies in order not to obey American and any other legislation.

Despite a rather good undertaking, Spamhaus has actually long since turned into a cyberterrorist organization which, regardless of current legislation or any legal norms, is engaged in blocking unwanted providers who do not want to cooperate with them. And even if the provider cooperates, this is not a guarantee that sooner or later the networks of that provider will not be blocked.

I hate spammers too and support Spamhaus
Believe me, we hate spammers too. But more often our clients become spammers or place various exploits on their sites not by themselves. Viruses and hackers do that more often. How pleasant will it be for you to know that your website is disabled based on a statement from Spamhaus, which does not even provide proof of the fact of mailing, especially if the mailing was made from your website through a hacked script or even initiated by your competitors?

Who is to blame and what to do
Who is to blame? In this case, the question is rhetorical. As a provider, we are in a situation where Roskomnadzor is on one side and Spamhaus is on the other; no matter what actions we take, we still will not be able to meet the requirements of both sides at the same time, because they contradict each other.

We have transferred all our mail servers from the blocked network to others that are not covered by the blocking. For clients with dedicated servers, we have also developed several solutions that can be used to send mail to recipients who use Spamhaus blacklists.

And the conclusion?
And the conclusion is very simple. If you use the Spamhaus blacklist, you are actually supporting cyberterrorists. After all, they don't care who to block, as shown above. The main thing for them is to punish someone, and even without explaining the essence of guilt and the terms of punishment. Think ten times before using the SBL, PBL, XBL and other lists provided by Spamhaus. 
Almost everyone has already been marked in that list. And what is the incident worth when Spamhaus blocked the whole of Latvia with the words "Well, yes. But Latvia is one of the smallest countries in the world"? Are you sure you want to give control over the delivery of mail to you from your partners to these people?