False positive on SpamHaus
-
@jdaviescoates said in URGENT:
In a post on an originally unrelated thread about IPv6 issues @Gengar posted this link https://www.spamhaus.com/resource-center/successfully-accessing-spamhauss-free-block-lists-using-a-public-dns/ which I think explains what's going on with all these false positive spamhaus issues people are having:
The TL;DR seems to be: fill in this form https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
-
@jdaviescoates said in URGENT:
In a post on an originally unrelated thread about IPv6 issues @Gengar posted this link https://www.spamhaus.com/resource-center/successfully-accessing-spamhauss-free-block-lists-using-a-public-dns/ which I think explains what's going on with all these false positive spamhaus issues people are having:
The TL;DR seems to be: fill in this form https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
@jdaviescoates thank you! I will keep that as a final resort!
@girish , I would much appreciate any additional information to work-out those false positive alerts as they shall be handled - as I highlighted earlier, Ubuntu update doesn't seem to be relevant...
-
P potemkin_ai referenced this topic on
-
-
Those are two different issues actually.
-
-
This particular issue is due to the system's configuration which prevents correct spam resolution. Might be the root cause is one, but we can't be sure on that.
-
OK, I don't really understand the difference entirely, but maybe others can help out. Will leave this as unsolved.
-
P potemkin_ai referenced this topic on
-
-
Since the update to 8.3.2 (on Ubuntu 24) I am seeing these false positives as well. Nothing has changed with the network settings or DNS. I know it is ultimately just a cosmetic problem, but it would be nice to be able to deactivate this check as it serves no real purpose in my opinion.
-
Since the update to 8.3.2 (on Ubuntu 24) I am seeing these false positives as well. Nothing has changed with the network settings or DNS. I know it is ultimately just a cosmetic problem, but it would be nice to be able to deactivate this check as it serves no real purpose in my opinion.
@ccfu I can not agree on deactivate - the purpose is very useful. I would rather have it working properly!
-
@ccfu I can not agree on deactivate - the purpose is very useful. I would rather have it working properly!
If it worked properly that would of course be better
If only one blocklist is being checked (Spamhaus) its purpose is, in my view, rather limited. In any case a failed check due to a connection error should not cause a notification that the mailboxes are not set up correctly and these mailboxes to be showing as red in the list.
Edit: Connection errors happen with correct configuration when an ISP's DNS gets temporarily blocked by the DNSBL server. That seems to be my issue at the moment. In such cases I would like to be able to deactivate the check (even temporarily, for example 24 or 48 hours).
-
Im having the same false positive issue. Do I have to read through this whole thread and the other one or is there a simple fix/do I just need to wait for an update?
-
I have a task to make this check more "stable" for next release. Currently, it just shows the message on a single failure . I will fix the code to make it show when the error is more persistent (i.e over several failures or something like that).
-
I have a task to make this check more "stable" for next release. Currently, it just shows the message on a single failure . I will fix the code to make it show when the error is more persistent (i.e over several failures or something like that).
@girish That would be a big help for sure, but would it not make more sense to differentiate between connection failure and actual confirmed presence on the blocklist?
At the moment it seems to check every 30 minutes and if the DNS server has been blocked (e.g. for overuse of queries) this is likely to persist for 24 - 48 hours at least.
-
@girish That would be a big help for sure, but would it not make more sense to differentiate between connection failure and actual confirmed presence on the blocklist?
At the moment it seems to check every 30 minutes and if the DNS server has been blocked (e.g. for overuse of queries) this is likely to persist for 24 - 48 hours at least.
@ccfu the check is only once a day - https://git.cloudron.io/platform/box/-/blob/master/src/cron.js?ref_type=heads#L113 . But yeah, the code should ideally say "rate limited" , "connection timed out" . Some proper error messages. Thing is something has changed in SpamHaus recently and this is why many are hitting it . I have to test in depth to figure what the exact problem is. I just put a note here saying I will look into the issue for next release
-
Thanks, @girish
FYI, in the notification it says "Email Status is checked every 30 minutes. See the troubleshooting docs for more information." This appears to be incorrect then. The notification does indeed only come once every 24 hours.@ccfu good catch. I removed that misleading message, thanks
-
@girish said in False positive on SpamHaus:
@ccfu good catch. I removed that misleading message, thanks
I think your change just render obsolete the code comment saying to remove the duration in notification but I'm not sure
https://git.cloudron.io/platform/box/-/blob/master/src/cron.js?ref_type=heads#L113
-
@girish said in False positive on SpamHaus:
@ccfu good catch. I removed that misleading message, thanks
I think your change just render obsolete the code comment saying to remove the duration in notification but I'm not sure
https://git.cloudron.io/platform/box/-/blob/master/src/cron.js?ref_type=heads#L113
@SansGuidon it does, yes
-
Grrrr, I got the same issue now - Cloudron says in blacklist, Spamhaus says not.
Trying to get my head around this long thread.EDIT : errr, so TL;DR is nothing we can do and Cloudron will fix it βsometimeβ ?
Maybe I read too fast, but thatβs my takeaway at the moment ...