After 5 days my domain is now listed on Spamhaus DBL and SEM FRESH

Hello I’ve had my domain for about 5 days and just now got listed on Spamhaus DBL and SEM FRESH. I sent a email to Spamhaus and all they did was block my email from being able to make new tickets. I don’t know what to do and I don’t know how to fix this

Is it a newly registered domain name? " When a security expert observes a domain for the first time on the internet, they will assign it with “no reputation” or “low reputation” because reputation is based on history. Generally, for the first 30 days after initial registration, most companies specializing in threat intelligence will flag a newly registered domain. The flag indicates the domain is under heightened scrutiny and is being watched for malicious activities, which include immediately sending mass emails."

See - https://www.spamhaus.org/resource-hub/domain-reputation/best-practice-for-owners-of-a-newly-registered-domain-part-3/

Basically it seems like some kind of pay to play game where you can pay to have them remove it or you have to register a domain and let it sit for a while before use (with mail). I’m not sure what the exact right answer is but it’s definitely getting much harder to just register a domain and start using it for email.

Try visiting https://check.spamhaus.org and see if there is a way to remove it from there…

Well as I said I tried to talk to them and all they did was block me from being able to open new tickets and closing the one I had open

All it tells is is the Domain Blocklist (DBL) lists domains that have poor reputation associated with them. But as again I can’t talk to them as I feel they will just block another one of domains from being able to open tickets and close the new ticket like last time. I don’t know why they did not tell me why my ticket was closed the first time

Ok so another update I moved one of my old domains to my miab and now it’s listed by spamhaus-dbl. This domain has been up for much longer than the newer domain so I don’t know why it would be practically almost instantly listed after the move

What is the actual output of https://check.spamhaus.org/? Try both the domain and the ip address you’re running from.
Also, where do you get the indication that you are on the spamhaus dbl?

The fact that every time I try to send out an email mailinabox blocks sending the email and complains that my domains are listed. Again I’ve checked my IP before and even my provider did the same and they’re not listed anywhere the IP reputation is almost perfect honestly. I’ve tried sending in a delisting request again from my gmail this time and they closed the ticket without responding again. But the good news is my other domain fell off SEM FRESH

From your message I understand that when you send a mail you get a rejection mail? And check.spamhaus.org shows nothing for your ip and domains? Is that correct?
You might be encountering Take spamhaus return codes into account in status check and postfix config by kiekerjan · Pull Request #2332 · mail-in-a-box/mailinabox · GitHub
Did you change anything regarding dns on your box? How are you hosting mail in a box?

So before I got listed it was hosted on a different mailinabox though I wanted to change server providers so I took the old install offline moved to a new server provider. The things that changed were NS from old.click to new.xyz and same for the host name and IP both providers gave me an almost perfect IP that had perfect reputation. After the new.xyz got listed a day latter the old.click got listed as well. And this is the message I get when trying to send out emails

An error occurred while sending mail. The mail server responded:
Service unavailable; Sender address [redacted@old.click] blocked using dbl.spamhaus.org; Listed by DBL, see https://check.spamhaus.org/query/domain/redacted.
Please check the message recipient “redacted@gmail.com” and try again.

My domains are listed on their thing and after bugging them enough I finally got told my domains are ineligible to be delisted at the moment. My domains are clearly not listed based off of age

Is there a way I can get mailinabox to ignore the listing and to try delivery?

Ok I managed to get the system to ignore the listing and allow me to send outbound mail I know this isn’t a good situation to be in but since this is a personal email server without much outbound email I don’t know how to increase the reputation of the domains besides letting them age

Oh yeah and looking at the listing codes they have my domains listed as spam domains

I’ve made another observation it seems like any domain pointed to my NS records of new.xyz seems to get that domain marked as spam as well

stylnchris I’m sorry to @ you on this but I have no idea why my domains if pointed at new.xyz get marked as spam on spamhaus-dbl. I’ve been doing proper email procedures as you listed for good email reputation way before this. I mean I’ve never sent out automated emails nor had my servers compromised

Try using a third party SMTP provider to relay your outbound emails. I very occasionally get outbounds rejected (especially by ProofPoint) and toggle to another SMTP service instead.

If you’re only sending a few emails and not running hundreds of domains or sending mail shots, there are some free and low cost services out there.

Sometimes it’s simply not worth the effort to try to get your own IP or domain delisted. As long as you’re a legit low traffic user, outsource the SMTP and reduce your stress levels!

I used to use protonmail to send emails under my domain but decided to use mailinabox because then I don’t have to trust them with my pgp keys and data. I prefer not having to relay my emails considering the IP I have. Upon further research the reason why my domains are getting flagged is because the NS records box.new.xyz and host name box.new.xyz are considerably distrust worthy to spamhaus so any domains pointing to those NS records get automatically flagged. I did a reputation check on spamhaus’s site and they have new.xyz with a reputation of -6 and it’s all from domain infrastructure like it’s NS records, A records and so on. Pointing a domain that had good reputation like old.me which I have had for a few years and had a reputation of 2 got kicked down to -4 which absolutely sucks but surprisingly didn’t get listed I hope with time the negative reputation will age and turn positive. Other than this nightmare and having to tweak mailinabox to ignore the fact that it is listed and to ignore the fact that some incoming email domains are listed as well made it work out I plan on reverting the unsupported change when everything ages properly and gets trusted again

I understand why you don’t want Proton having access to your PGP keys etc, and why you’d rather self-host. But I think you’re facing an uphill battle if your domain actually is “new.xyz” ! And in all honesty, if you are using PGP in all your email communications, then it’s no big deal using a third-party SMTP relay service as your email will be encrypted on it’s way out (yes, except the subject line but that’s a PGP issue not an SMTP issue).

It’s been my experience that lots of spammers have grabbed the ‘xyz’ TLD because it’s cheap, and sad to say (for you at least) I simply reject every and any email using that suffix. I’ve even got the TLD blacklisted on my own home and work NextDNS config so that there’s no chance of anyone getting redirected to a potentially malicious site.

Is this harsh? Perhaps; but the world spins on “.com” and well established TLDs even though there are lots of legit websites that use more “exotic” TLDs in their URLs. Look for yourself - you might find a site with a “.xyz” or “.random” TLD in their URL, but chances are their email contact address will be a gmail or more accepted email address.

Now, if you’re not actually using .xyz as your email domain, then all the above is moot! But if you are, to be frank, you’re probably pissing into the wind and will be for quite some time. You may hope that Spamhaus finally relinquishes and you’re able to send but you’re teetering on a kinfe edge with that TLD. (All the above is my opinion only and you are free to completely disagree!).

Yeah I accept that the xyz TLD is a spammers wet dream due to how cheap it is. I never really wanted to use it as a email domain but if it could be used as one. It would be a nice feature as I could use it for automated emails from my synapses matrix server and other stuff that I don’t want to use my personal .me or .click domain for. Oh well I guess I get what I pay for. Was pretty nice I could get it for 0.50 USD. I can still use my personal .me domain on the miab install until age improves my new domains reputation. I mean they can’t keep me listed forever can they?

If your domain got listed on Spamhaus DBL and SEM FRESH after just 5 days, it’s crucial to address the issue promptly. First, review your email practices to ensure compliance with anti-spam policies. Contact Spamhaus through alternate channels, providing detailed information about your domain and your innocence of malicious activities. Verify domain ownership and review website content for any malicious elements. Seek professional assistance if needed to resolve the listing and improve email deliverability. Monitor your domain’s reputation regularly and implement best practices to maintain a good standing. Remember, patience and diligence are key to resolving blacklisting issues effectively.

1 Like

As I said before I don’t really send much emails so it wouldn’t be my email practice and it wouldn’t be my server is compromised I don’t really host web elements on those domains besides the default email login portal. I also stated that SEM FRESH dropped my domain. If my domains had bad sending practices and were sending spam and were compromised I would notice this on my email servers IP but again my IP has practically perfect reputation. I also set up a blacklist monitor to alert me if I’m listed somewhere else or delisted. This is a personal email server not really used for automated stuff

@bobby99
Write Spamhaus directly and insist to keep the ticket open. Say that you could not even verify your email because they are listing you immidiatly. Request delisting and complain that they impose much strickter listing rules than you deserve. Proove that you are not a spammer, send them postfix logs. Here is the direct contact to spamhaus. Everytime they fail to let you delist yourself automaticly write here https://contact-center.spamhaus.org/ Choose I want to remove my IP/DOMAIN. You can also complain along the lines that they seem to replicate internal block lists of the big Mailbox providers and they seem affiliated with them. That pisses them off. And they seem to take you seriously. It seems that the change of IPs needs some IP warmup. Do not test too much by sending to yourself. They consider that as spoof test. Be patiant and good luck. Start by sending 1 message a day to the big Mailbox providers. Increase gradually.