1

I am having this weird Postfix issue with Spamhaus excess volume error. First off I checked what the error suggested to check here

I followed the instructions and changed my configuration as follows:

    smtpd_recipient_restrictions =
...
reject_rbl_client zen.spamhaus.org=127.0.0.[2..11]
reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99]
reject_rhsbl_helo dbl.spamhaus.org=127.0.1.[2..99]
reject_rhsbl_reverse_client dbl.spamhaus.org=127.0.1.[2..99]
warn_if_reject reject_rbl_client zen.spamhaus.org=127.255.255.[1..255]

It did not help, the error was still bugging me.

Then I followed Spamhaus's next advise like this, removing my above first attempt with smtpd_recipient_restrictions

    postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]

Alas, it did not help either, the error was still popping up. Then I totally removed and erased everything about spamhaus in my Postfix main.cf. No postcreen_dnsbl_sites, no smtpd_recipient_restrictions at all, etc. I also specifically checked every single setting of Postfix for the word spamhaus making sure that nothing even mentions spamhaus. Then restarted Postfix. But that did not help either.

Then I cleaned up postscreen cache thinking that it might help, even though restarting and reloading Postfix should do the trick of clearing this cache, but for the purpose of checking I did it too.

    postmap -clean

But.. still no dice. The error of excess volume is still there. I have it running live on my command line tail -f /var/log/syslog and it pops up there time to time, without going anywhere.

Then I cleared my DNS cache like so resolvectl flush-caches - no use.

I also checked Postfix queue like this mailq and it says there is nothing, queue is empty.

Meanwhile, the error still there, no matter what. I am already going totally nuts at it. What am I missing? I am by now fine to remove that spamhaus completely, but it's stuck and looks unremovable and won't let this server receive mail.

I would be really grateful for any suggestions, any help at all. Many thanks in advance!

The error itself looks like this:

     NOQUEUE: reject: RCPT from mail-qk1-f180.google.com[209.85.222.180]: 554 5.7.1 Service unavailable; Client host [209.85.222.180] blocked; Error: excess volume; https://check.spamhaus.org/returnc/vol/209.126.15.52/; from=<mymail@gmail.com> to=<post@somemail.com> proto=ESMTP helo=<mail-qk1-f180.google.com>
Dennis
  • 31

2 Answers2

4

Personally, I have stopped using Spamhaus as they have strict policies, and they can change how they treat your system at any point according those policies. That is simply not a reliable service for rejecting mail, and Postfix MTA cannot be configured to skip a faulty RBL. You could still use their services for scoring with Spamassassin, or do as is told on the page linked in the error message.

How to configure MTAs to parse error codes

If error codes aren't correctly parsed when using the Public Mirrors, all email messages may be treated as "LISTED" or "NOT_LISTED." To avoid this, see our instructions on how to use the Public Mirrors with popular MTAs.

How to continue using Spamhaus DNSBLs

If you exceed the Public Mirrors' fair policy usage, you can sign up for the commercial Data Query Service. The good news is that this service comes with additional benefits:

  1. Real time updates – this is a commercial grade service

  2. Access to an increased number of blocklists, including:

    • Zero Reputation Domain Blocklist (ZRD)
    • Hash Blocklists (HBL)
    • Authentication Blocklist (Auth BL)

Other common reason is covered in Spamhaus FAQ for Your DNSBL blocks nothing at all!; you are not supposed to be using a DNS resolver they consider "open".

If you are using a free “open DNS resolver” service such as the Google Public DNS (8.8.8.8) in most cases they will return a “not listed” (NXDOMAIN) reply from Spamhaus’ public DNSBL servers. This can also occur if a resolver with generic, unattributable rDNS is being used. Help can be found here.

We recommend using your own DNS servers when doing DNSBL queries to Spamhaus. If that is not possible contact Spamhaus Technology for other options.

Esa Jokinen
  • 52,963
  • 3
  • 95
  • 151
1

Let me also answer my own question as it may help somebody else out there as well.

My case was much simpler. I used another RBL called cbl.abuseat.org that appears to be part of Spamhaus too! How could I have ever possibly known that Abuseat belongs to Spamhaus?!

Therefore, if you remove zen.spamahus.org but leave cbl.abuseat.org it will still trigger the same Spamhaus' error of excess volume! As soon as I removed Abuseat as well it started to work. That's all there was to it.

My other tiny problem was that my other active server for the same domain was querying the same RBLs at the same time too so apparently it caused this conflict. I will run more tests and checks to see if that was really the reason.

Esa Jokinen
  • 52,963
  • 3
  • 95
  • 151
Dennis
  • 31