zen.spamhaus.com is blocking all my mails

[krishnadaskk]

this sounds odd - the responses to DNSBL lookups are usually in 127.0.0.0/8 (and not 37.131.68.29)

could you:
* provide your resolv.conf file (`cat /etc/resolv.conf`)
* the output of `ping -c 4 google.com`
* the output of `ping firstgate.proxmox.com` (there will be a timeout - but we'll get what firstgate.proxmox.com resolves to)
* install dnsutils (dig is inside) `apt install dnsutils`
* provide the output of:
** `dig +norec 68.123.224.212.zen.spamhaus.org @c.gns.spamhaus.org.` (maybe also replace 'c' in 'c.gns.spamhaus.org.' with 'a' - 'd')
** `dig 68.123.224.212.zen.spamhaus.org`

thanks!

** `dig +norec 68.123.224.212.zen.spamhaus.org @c.gns.spamhaus.org.` (maybe also replace 'c' in 'c.gns.spamhaus.org.' with 'a' - 'd')

; <<>> DiG 9.16.1 <<>> +norec 68.123.224.212.zen.spamhaus.org @c.gns.spamhaus.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37837
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; AUTHORITY SECTION:
zen.spamhaus.org. 10 IN SOA need.to.know.only. hostmaster.spamhaus.org. 2003191900 3600 600 432000 10

;; Query time: 171 msec
;; SERVER: 46.246.28.116#53(46.246.28.116)
;; WHEN: Thu Mar 19 22:01:40 Arab Standard Time 2020
;; MSG SIZE rcvd: 113


================

; <<>> DiG 9.16.1 <<>> 68.123.224.212.zen.spamhaus.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45967
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
; COOKIE: 2a944d62e1d8cb9b (echoed)
;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; ANSWER SECTION:
68.123.224.212.zen.spamhaus.org. 0 IN A 37.131.68.29

;; Query time: 156 msec
;; SERVER: 192.168.1.6#53(192.168.1.6)
;; WHEN: Thu Mar 19 22:02:38 Arab Standard Time 2020
;; MSG SIZE rcvd: 88
=================

; <<>> DiG 9.16.1 <<>> dig 68.123.224.212.zen.spamhaus.org @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61682
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
; COOKIE: 4050708d855b34cb (echoed)
;; QUESTION SECTION:
;dig. IN A

;; Query time: 0 msec
;; SERVER: 192.168.1.6#53(192.168.1.6)
;; WHEN: Thu Mar 19 22:03:24 Arab Standard Time 2020
;; MSG SIZE rcvd: 44

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30671
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; AUTHORITY SECTION:
zen.spamhaus.org. 8 IN SOA need.to.know.only. hostmaster.spamhaus.org. 2003191903 3600 600 432000 10

;; Query time: 187 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Mar 19 22:03:24 Arab Standard Time 2020
;; MSG SIZE rcvd: 124

 

[krishnadaskk]

Helloo teams....

 

[Stoiko Ivanov]

as said in https://forum.proxmox.com/threads/zen-spamhaus-com-is-blocking-all-my-mails.67273/post-302082
you should run the dig commands directly on your DNS-host! (192.168.1.6 (ssh to 192.168.1.6 and run the command there)

It looks like a problem with your DNS-servers - unrelated to PMG

 

[krishnadaskk]

as said in https://forum.proxmox.com/threads/zen-spamhaus-com-is-blocking-all-my-mails.67273/post-302082
you should run the dig commands directly on your DNS-host! (192.168.1.6 (ssh to 192.168.1.6 and run the command there)

It looks like a problem with your DNS-servers - unrelated to PMG

Did the same..could you please check below result.

C:\apps\bind>dig +norec 68.123.224.212.zen.spamhaus.org @c.gns.spamhaus.org.

; <<>> DiG 9.16.1 <<>> +norec 68.123.224.212.zen.spamhaus.org @c.gns.spamhaus.org.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58941
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; AUTHORITY SECTION:
zen.spamhaus.org. 10 IN SOA need.to.know.only. hostmaster.spamhaus.org. 2003200846 3600 600 432000 10

;; Query time: 156 msec
;; SERVER: 213.81.185.73#53(213.81.185.73)
;; WHEN: Fri Mar 20 11:47:49 Arab Standard Time 2020
;; MSG SIZE rcvd: 113



===================

C:\apps\bind>dig 68.123.224.212.zen.spamhaus.org

; <<>> DiG 9.16.1 <<>> 68.123.224.212.zen.spamhaus.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34855
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; AUTHORITY SECTION:
zen.spamhaus.org. 9 IN SOA need.to.know.only. hostmaster.spamhaus.org. 2003200848 3600 600 432000 10

;; Query time: 156 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Mar 20 11:50:40 Arab Standard Time 2020
;; MSG SIZE rcvd: 124

==========================


C:\apps\bind>dig 68.123.224.212.zen.spamhaus.org @127.0.0.1

; <<>> DiG 9.16.1 <<>> 68.123.224.212.zen.spamhaus.org @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51646
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
; COOKIE: 759b1ee2c432b652 (echoed)
;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; ANSWER SECTION:
68.123.224.212.zen.spamhaus.org. 0 IN A 37.131.68.29

;; Query time: 93 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Mar 20 11:52:26 Arab Standard Time 2020
;; MSG SIZE rcvd: 88

 

[Stoiko Ivanov]

this further confirms my theory - that it's an issue with your DNS-server

C:\apps\bind>dig +norec 68.123.224.212.zen.spamhaus.org @c.gns.spamhaus.org.
..snip..
;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; AUTHORITY SECTION:
zen.spamhaus.org. 10 IN SOA need.to.know.only. hostmaster.spamhaus.org. 2003200846 3600 600 432000 10
;; MSG SIZE rcvd: 113

when you ask the authoritative server from your DNS server there is no record.

C:\apps\bind>dig 68.123.224.212.zen.spamhaus.org
..snip..
;68.123.224.212.zen.spamhaus.org. IN A

;; AUTHORITY SECTION:
zen.spamhaus.org. 9 IN SOA need.to.know.only. hostmaster.spamhaus.org. 2003200848 3600 600 432000 10

;; SERVER: 8.8.8.8#53(8.8.8.8)

same when you ask google DNS from your DNS Server

but:

C:\apps\bind>dig 68.123.224.212.zen.spamhaus.org @127.0.0.1

; <<>> DiG 9.16.1 <<>> 68.123.224.212.zen.spamhaus.org @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51646
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
; COOKIE: 759b1ee2c432b652 (echoed)
;; QUESTION SECTION:
;68.123.224.212.zen.spamhaus.org. IN A

;; ANSWER SECTION:
68.123.224.212.zen.spamhaus.org. 0 IN A 37.131.68.29

;; Query time: 93 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Mar 20 11:52:26 Arab Standard Time 2020
;; MSG SIZE rcvd: 88

Your local DNS lists an answer - there is a problem with the configuration on your DNS Servers

 

[krishnadaskk]

Hi Stoiko Ivanov

Thanks for your support.

I installed a new dns and forward to our domain server after that we receiving the E-mails.Now its working fine.

Any way could you please point what you find our dns issue?

 

[Stoiko Ivanov]

Quite simple:
* your DNS server(s) did not answer the same as: our internal ones, google 8.8.8.8, and the authoritative servers for zen.spamhaus.org

I hope this explains it!

Glad you found a solution!

 

[hata_ph]

If you intended to use spamhaus.org as your DNSBL list, do not use google DNS.

 

[hoanv9]

You can use OpenDNS at 208.67.222.222