Fixing Email Bounce Back Issue in Hestia (Exim4 Blacklist Rejection)
Issue
Emails are bouncing back due to Exim4 rejecting senders that are listed in Spamhaus. The error message in the log shows:
SNI=mail.aurumcapinvest.com F= domain rejected RCPT test@domain: Rejected because 209.85.221.42 is in a black list at zen.spamhaus.org
This happens because Exim4 is checking sender IPs against a DNS-based blacklist (DNSBL).
Solution: Disable DNS Blacklist Checks in Exim4
1. Check the Exim4 Log for Errors
Run the following command to monitor live logs and confirm the error:
tail -f /var/log/exim4/mainlog
Look for rejection messages related to `zen.spamhaus.org` or other blacklists.
2. Edit Exim4 Configuration File
Open the Exim4 configuration template:
vi /etc/exim4/exim4.conf.template
Locate the following section and comment out the blacklist check:
# deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # hosts = !+whitelist # dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}}
– This prevents Exim4 from rejecting emails based on blacklists.
3. Save the File and Exit
Press `Esc`, then type `:wq` and press `Enter` to save and exit `vi`.
4. Update Exim4 Configuration
Run the following command to apply the changes:
update-exim4.conf
5. Restart Exim4
Restart the mail server to apply the changes:
systemctl restart exim4
Verification
1. Send a test email and check if it is successfully delivered.
2. Monitor logs to ensure emails are no longer rejected:
tail -f /var/log/exim4/mainlog
Conclusion
By disabling the DNS blacklist check in Exim4, emails will no longer be rejected based on Spamhaus listings. However, keep in mind that this reduces spam protection, so consider implementing other spam filters like SpamAssassin or RBL scoring instead of outright rejection.