Using Spamhaus?

Started by TDSko, Jun 23, 2022, 03:22 AM

Previous topic - Next topic

TDSkoTopic starter

I want to bring to your attention the spamhaus RBL, which has been causing some trouble lately. I noticed a decline in the overall amount of mail received, but didn't take it seriously until one of my clients reported that their email was being rejected by my mail server.

Upon checking the logs, I discovered that spamhaus had recently blocked "open relay" servers, including cloudflare and gmail, resulting in all emails originating from these sources being blocked. If you're using spamhaus, it's advisable to verify your mail logs to see if this is causing any problems for you too.


As Gmail stopped accepting and processing SPAM complaints quite some time back (which led to Spamcop creating a specific address for Google), it's not surprising to see that other RBLs may start blocking various segments of Gmail's IP space gradually.


I faced a similar issue on my servers where some senders such as Google or Microsoft were getting their messages blocked by the RBL, despite the fact that some of their IPs were not present in any blacklists.

To mitigate this issue, we opted to put the IPs of Google/Microsoft in the RBL whitelist option (Exim configuration) and remove the resolvers from Cloudflare and Google (the latter was a suggestion provided by the cPanel team through a ticket). For instance, if you encounter an error message like "JunkMail Rejected - [***.***.***.***]:39718 is in an RBL", it's likely due to this issue.


I've stopped using spamhaus since it was deleting almost all of my emails, seems like it blocking servers randomly. Same happened with cloudflare resolvers. 


Spamhaus is an organization that maintains blacklists of IP addresses known for sending spam and other cybercrimes. While they claim to be a non-profit organization, it's believed that Spamhaus is located in the US but has transferred its legal entity to offshore European companies to avoid compliance with American or any other legislation.

Despite their good intentions, Spamhaus has long since become a cyberterrorist group that blocks unwanted providers who refuse to cooperate with them without regard for legal norms or current legislation. Even if providers do agree to work with them, there's no guarantee that their networks won't be blocked at some point.

While we all despise spammers, it's worth noting that our clients may unwittingly become spammers themselves or fall victim to viruses and hаckers. It's unpleasant to think that your website could be taken down based on Spamhaus's unsupported claim of spam activity, especially if the mailing was initiated by competitors or through a hаcked script.

As a provider, we find ourselves caught between Roskomnadzor and Spamhaus, two opposing sides whose requirements are irreconcilable. We've moved all our mail servers from blocked networks to unblocked ones and developed several solutions for clients with dedicated servers to help them send emails to recipients using Spamhaus blacklists.

In conclusion, using the Spamhaus blacklist means supporting cyberterrorists, as they block anyone without concern for proof or terms of punishment. Many have already been marked on their blacklist, including an incident where they blocked the entire country of Latvia. Is it wise to entrust the delivery of email from partners to such people? Think twice before using SBL, PBL, XBL, and other lists provided by Spamhaus.