Hi! I’m experiencing something of a conundrum. I am running MIAB on a Linode VPS, an was notified that my IPv6 /64 range is listed on Spamhaus XBL and CSS. This is a dedicated IPv6 /64 range I got from Linode that should only be used by this machine. To get around this issue, I’ve disabled IPv6 everywhere I could (removed the address from MIAB’s configuration, set Postfix, Dovecot and SSH to all only use IPv4), and I’ve removed the AAAA records for my domain. I’ve also checked auth.log and mail.log and didn’t find anything suspicious looking there. Despite all of this, Spamhaus is seeing SMTP connections on port 25 from my IPv6 /64 range even after I made these changes.
"A device (computer, server, mobile phone, etc), or an app on a device that is using (my ipv6)::/64 is infected, badly misconfigured, or compromised. It is making SMTP connections with multiple unrelated HELO values on port 25.
The most recent detection was on: January 15 2026, 12:25:00 UTC (+/- 5 minutes). The observed HELO values were fdtincycdi.optinunder.uk.com, kchlcsuyiz.layercoch.uk.net, hjxrmaxaht.resprsteep.us.com, rtuuyajmlx.systctlpro.uk.com, kpbuunnrzb.norichansritt.uk.net."
Linode doesn’t allow for disabling IPv6 in their Network Helper (though it is possible to disable that and make changes via Netplan but that’s a hassle), I did try disabling IPv6 via GRUB but that seemingly completely broke MIAB which is… suboptimal. 
I changed the root password just in case today, but does anyone have an idea what might be going on? Thanks in advance for any help!