[SOLVED] Public IPv6 blacklisted but not detected in MIAB

Hello guys,

A few days ago I helped a friend install his own MIAB server, both my MIAB and his MIAB have IPv6 public addresses assigned while I was testing I did receive an e-mail from him, but when I did try to replay I’ve got:

Undelivered Mail Returned to Sender

Looking at the message it was clear that my friend’s server has rejected my replay because my IPv6 was blacklisted in Spamhaus CSS at the same time my MIAB # System Status Checks was not detecting blacklisting issues:

✓ IP address is not blacklisted by zen.spamhaus.org.

Qucik look at the code it looks like MIAB is checking only IPv4?:

mailinabox/setup/network-checks.sh:if host $REVERSED_IPV4.zen.spamhaus.org > /dev/null;
mailinabox/management/status_checks.py: zen = query_dns(rev_ip4+‘.zen.spamhaus.org’, ‘A’, nxdomain=None)

Meanwhile, MxToolBox passes with flying colours on all 150 checkpoints green! It does detect IPv6 of my server correctly! The MX webtool does not see any issues with spamhaus.org blacklisting.

I can manually request delisting ‘spamhaus.org’ or ask my VPS host to assign a new IPv6 to my VM, but was wondering - Can this be improved? I wonder if that could be one of the reasons some of my mails to Outlook/Hotmail ending in the spam.

Edit 2: Check the info below by @alento: There is a second unrelated issue:
It is with my friend’s MIAB, that I have never seen before: He just bought a new domain - 5 days ago, and his new IPv4&v6 are all fine, but his domain name is blacklisted in MXToolBox by SEM FRESH5-30 (spam eating monkey lists) and he has not sent any e-mails yet, or used his domain at all. Has anyone seen anything like this before?

Both mail servers are running on unmodified MIAB v.50/Ubuntu 18.04 *thx @alento.

Edit 1: Found this tool Multi IPv4/IPv6 and domain blacklists check checking out MIAB domain all is good, but my IPv6 is blacklisted on a few lists, requested removal and will check back tomorrow.

Edit 3: Only three blacklists left to go! Investigating the logs I can’t see a reason for my IPv6 to get in the lists in the first place? ** This was a fruitless attempt for IPv6 read below ( always 3 pending )

Edit 4: I have contacted Linode support explaining in details what I’m running and what is the problem - they were super fast to provide a resolution!
It turns out I falsely assumed my IPv6/64 address range is dedicated to my VPS node only but that was not the case! It’s not dedicated to my VPS, and it’s shared by default with other VPS out of my/Linode control. So Linode support provided me with routed&dedicated IPv6/64 address space.
Now I need time to reconfigure the VPS network/service to use it :wink:

Edit 5: New IPv6/64 block.

  1. Added the first :1 routed IPv6 address to my VPS, and reinstalled MIAB the usual way, and during the install when it asks for IPv6 I did add the :1

    curl -s https://mailinabox.email/setup.sh | sudo -E bash

  2. In Linode control panel under Linodes>VPS-Name>Networking assigned rDNS name for the :1 IPv6

  3. Popped on to my DNS registrar website and edited Glue/Host IPv6 records to point to the new :1

  4. Ran a Nmap -6 “the new IPv6 :1” from another IPv6 enabled VPS to confirm all ports are open and accessible from outside and did again usual mailbox tools checks mentioned above.

Mark as resolved.

Cheers

SEM automatically adds all new domains to their lists … the domain is 5 days old, so it will be on one of their lists until it is 30 days old. Fortunately few email recipient servers use this list, with, in my estimation, the exception of Gmail - hence why they are so problematic for many here.

1 Like

Surely that is a typo! Ubuntu 18.04 is required.

1 Like

This topic was automatically closed after 61 days. New replies are no longer allowed.