Unable to Receive Emails on CWP

Margaret H.
  • Updated
Follow

Here, we cover a known issue where Spamhaus blocks all incoming emails due to an open resolver. The error might appear as the following.

postfix/smtpd[30551]: NOQUEUE: reject: RCPT from mail-yb1-f173.google.com[209.85.219.173]: 554 5.7.1 Service unavailable; Client host [209.85.219.173] blocked using zen.spamhaus.org; Error: open resolver;

This can happen if the mail server is rebuilt with the option AntiSpam/AntiVirus enabled.  This is due to Spamhaus no longer offering an open resolver, but instead requiring a custom endpoint using DSQ.

The current solutions are either to disable Spamhaus or manually update the Postfix configuration to query the Spamhaus DNSBL using a DQS key.

Disable Spamhaus through CWP Admin

IMPORTANT: This solution will require root access. If this needs to be obtained, follow the guide on requesting root access.

  1. Log into CWP Admin
  2. Click on the Email dropdown in the panel on the left
  3. Click on the AntiSpam option
  4. Confirm that SpamHause protection is Active
  5. Click the Uninstall Spamhaus button

Disable Spamhaus through Postfix Configuration

NOTE: These steps should be used if you do not want SpamAssassin to be completely disabled.
IMPORTANT: This solution will require root access. If this needs to be obtained, follow the guide on requesting root access.
 

  1. SSH into the server
  2. Edit the /etc/postfix/main.cf file using your preferred text editor
    EXAMPLE: Use nano /etc/postfix/main.cf to edit the file with nano.
  3. Locate the line that begins with smtpd_recipient_restrictions
  4. Delete , reject_rbl_client zen.spamhaus.org from the line
  5. Save the file
    NOTE: If using nano, press <Ctrl+X> followed by <Y> to exit and save.
  6. Reload Postfix with the systemctl reload postfix command
    CAUTION: If the mail server is rebuilt in CWP Admin with AntiSpam/AntiVirus enabled, the Spamhaus entry will be written back into the Postfix configuration and these steps will need to be followed again.

Enable SpamHaus DQS

IMPORTANT: Please be aware that Technical Support cannot provide support on this issue as it is out of scope (OOS). It is strongly advised that a third-party developer assist with any Postfix configuration updates.

  1. Review and implement the article from Spamhaus that covers this topic
    NOTE: At the bottom of the article, there is a section called A free upgrade: Spamhaus DQS. This section will provide them with the steps to enable Spamhaus DQS.
    CAUTION: After implementing Spamhaus DQS, if the mail server is rebuilt in CWP Admin, the Postfix configuration will be overwritten and these steps will need to be followed again.

Related articles

Comments

0 comments

Article is closed for comments.