This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

open resolver spamhaus

Hello,

some Users are unable to send E-mails to us.

They are getting

Remote Server returned '554 5.0.0 <utm.acme.at #5.0.0 smtp; 550 Error: open resolver; https://www.spamhaus.org/returnc/pub/66.185.117.243>'

if I klick on the Link  Spamhaus tells me that the Problem is on the receiving side.

I do'nt know where the IP is from.

I've read the Spamhaus Page but can't figure out what's wrong.

The Count of Emails getting blocked are rising every day and i have to solve the problem.

I've googled the problem but there are no evidences :-(

would be lucky if someone could help

TIA

Tibor



This thread was automatically locked due to age.
  • The IP you see is from sending mail server.
    Your server don't accept the mails.
    The spamhaus link suggest a blacklist-entry ... But spamhaus say "it is n't".
    I don't understand the "open resolver" context. Is your UTM unable to resolve some addresses ... has it detected an "open resolver" for the sending server?  Which DNS-Server do you use at the UTM?
    I would try to change them temporary to 1.1.1.1 and 8.8.8.8 ...


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • seems you can't use spamhaus RBL from public / open DNS-resolvers.

    Disable the RBL or try a provider-DNS.

    https://www.spamhaus.org/returnc/pub/66.185.117.243

    "Queries cannot successfully be made to the Spamhaus free infrastructure via public/open resolvers. This is to protect ...."

    https://www.spamhaus.com/resource-center/successfully-accessing-spamhauss-free-block-lists-using-a-public-dns/

    "FAIR USE PRINCIPLES – You are not automatically entitled to the use of Spamhaus’ DNSBL Public Mirrors. Use of the DNSBL Public Mirrors via DNS queries to our public DNSBL servers is free of charge provided you meet all of the following criteria:

    1. The DNSBL Public Mirror is provided free of charge for non-commercial use by small and medium-sized organizations...."

    "If an IP address regularly exceeds the above criteria, it is suggested the user pays to use the commercial DNSBL Data Query Service (DQS)."


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Thank you Dirk!!

    after reading the artikle for the 46th? time but now under the context that "open resolver" means "public DNS" everything makes sense suddenly ;-)

    Changed to provider-DNS and everything is working fine now.

    But how do they know that i used a public DNS to resolve?

    Didn't know that something like that is possible.

  • as DNS owner you can forward different entries for a host to different sub-DNS-servers.

    So you access a "blocked" spamhaus-server with these DNS-Answer.

    ... only one option ... don't know the real way.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.