The policy was implemented in March 2021 over a year ago.
The 127.255.255.254 is the return code, not the IP queried. From
https://www.spamhaus.org/news/article/807/using-our-public-mirrors-check-your-return-codes-now.
A reminder
As of March 2021, we will begin the implementation of the following return
codes:
Return code Meaning
127.255.255.252 Typing error in DNSBL Name
127.255.255.254 Query via public/open resolver/generic unattributable
rDNS
127.255.255.255 Excessive Number of Queries
Ordinarily, you'd see a return code with 127.0.0.xxx for acceptable queries.
You mail server SHOULD NOT be treating unexpected IP value returns as
being listed. Eg: your mail server should NOT be rejecting/penalizing
email with a code of 127.255.255.254, and instead informing the operator
it's getting weird things back.
Abruptly seeing these sorts of things now suggests to me that your DNS
resolving configuration has been altered, or Spamhaus has identified
another free-loading open resolver, and EITHER WAY your mail server is
improperly parsing return codes.
Spamhaus blocks large scale open resolvers because very large providers
with query volumes MUCH higher than the free limits and should be paying
for the service, have found this to be a backdoor.
On 2022-05-13 14:36, Mark E. Jeftovic via mailop wrote:
We're seeing these for localhost netblock, which seems kinda odd...
Error: open resolver; https://www.spamhaus.org/returnc/pub/127.255.255.254
On 2022-05-13 12:32 PM, Jarland Donnell via mailop wrote:
I'm not sure if the rest of you are seeing the same, but I've seen a
lot of errors like this lately:
554 Service unavailable; Client host [mail-108-mta215.mxroute.com]
blocked by sbl-xbl.spamhaus.org; Error: open resolver;
https://www.spamhaus.org/returnc/pub/74.63.16.232
It seems that Spamhaus is cracking down on a certain type of activity
and it has caught more than a few mail admins with their pants down.
As you can see from the error, these mail servers are configured in
such a way that they assume the connecting IP to be blacklisted when
the error is in fact about that mail server's configuration and not
the connecting IP. This may be a good time to check your own logs, if
you are querying Spamhaus, just to be sure your house is in order.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
--
Mark E. Jeftovic <[email protected]>
Co-founder & CEO easyDNS Technologies Inc.
+1-(416)-535-8672 ext 225
/"Never expect a thing you do not want,
and never desire a thing you do not expect."
-- Bob Proctor /
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
