On 12/28/2016 12:28 AM, John Fawcett wrote:
On 12/28/2016 08:32 AM, Alice Wonder wrote:
Virtual machine for a web application, it is still in testing.

reverse DNS is properly set up.
Postfix only listens on the local host.
Linux firewall drops anything not to port 80, 443, or a custom high
number port I use for SSH.

This postfix is not an open relay, or a relay for anything on the
Internet, it only exists so the web application can send e-mail.

SPF for the domain is correctly set up, DKIM for the host is correctly
set up, when it sends an e-mail and I inspect it - it passes the rDNS,
SPF, and DKIM checks.

So far it has only sent e-mails to addresses I control as the web
application is still in testing.

Yet yesterday the IP address ended up on Spamhaus blacklist.

I am 100% confident that no one else was sending e-mail from that IP
address, I'm a bit puzzled as to how the IP address got added to the
blacklist, but I was told that Spamhaus sometimes just adds an entire
subnet if more than one IP on the subnet was sending spam, and that's
probably what happened.

I think that is irresponsible of Spamhaus if that is what they are
doing, but is there something more I can do other than correct rDNS,
SPF, and DKIM to avoid getting on a blacklist?

if you know which of the spamhaus lists it was you can check out its
policy. Each list has its own specific criteria. Also if you were
recently assigned the ip the listing may predate your activity.

John


The IP is relatively new to me, about two months, but it was not on the list before as I use Spamhaus on my other mail servers and mail from it was not being rejected until yesterday.

I did go through the manual removal process and that worked, but I'm worried about it happening again.

Reply via email to