Is there any known issue or mistake during installation I may have made with MiaB that might cause it to be added to the Spamhaus Domain Block List every other day?
Every day my Status Checks Change Notice email tells me I have either “ This domain is listed in the Spamhaus Domain Block List (code 127.255.255.254), which may prevent recipients from receiving your mail.” or “✓ Domain is not blacklisted by dbl.spamhaus.org.”
No matter what I do seems to stop it. Any time I ever look on SpamHaus, it reports there is nothing wrong with that domain (or any other domain I host on my MiaB servers).
It is on a Ubuntu server in my data rack behind my firewall. IP address for DNS is 184.108.40.206 for all my devices.
I have been getting worried that I have the firewall set up incorrectly because most of my email traffic from my other server shows the firewall as part of the path. Wondering if I need to put more effort into setting up a DMZ instead of what I have.
Most blocklists like spamhaus function through DNS lookups. However, they usually set a limit to how often a DNS server can query their blocklist. Public servers like 220.127.116.11, go fast over such a limit, which is why it’s better to use your own DNS server. That’s why Mail-in-a-Box includes a recursive DNS server, bind9. My advice is that you use the default installation, and not change this bit.
I have no comment on your firewall, DMZ or virtual IP, because I know too little about that situation to add something.
It was actually to support local DNSSEC lookups for DANE for mail delivery. I totally forgot that we need it for this reason too, which is good to know because I’m contemplating removing DNSSEC from future versions (to simplify things).