On 19/04/2024 07:05, Jasen Betts via Exim-users wrote:
> On 2024-04-18, Sebastian Arcus via Exim-users <exim-users@???> wrote:
>> This is slightly off-topic, but if anyone could shed some light, it
>> would be very much appreciated. A few days ago I started having issues
>> with the public IP address of one network I look after ending up on the
>> Spamhaus XBL and CSS blacklists. I have taken good hard look at the
>> setup and applied to be delisted twice, but it is blacklisted again - so
>> I must be missing something. The following applies to this site:
>
> look at the timestamp of the spamhause listing, check exim logs for any
> intersting log lines shortly after that. spamhause creates the listing
> before replying "250" so their event will show a few seconds earlier
> than the delivery to spamhaus.
Thank you for replying. That's among the first things I looked at. In
all 3 cases of being blacklisted there is absolutely no activity in the
Exim log which can be tied with the information sent over by Spamhaus -
even if I look 1 whole minute before and after. At the moment it is all
still a mystery. I have corresponded with Spamhaus and posted on the
MailOP list. Port 25 is completely blocked outbound on this network,
except for the email server. At this moment in time the only two
possibilities I see is the VDSL router sitting in front of the NAT and
firewall being infected, or something having gotten mixed up at Spamhaus
end.
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
