I transferred to Cloudflare some time ago.
Since about w week the emails sent by the contact form on this website are being marked as SPAM by Microsoft Outlook.

The headers of the emails were:

X-Spam-Status: No, score=1.7 required=5.0 tests=ALL_TRUSTED,DKIM_INVALID,

I noticed today that during the transfer of the DNS records Cloudflare missed one TXT record for the DKIM.

I put it back. Now the hearders look like this:


so DKIM is ok, however it looks like that the fact that DKIM was not ok, or maybe for a different reason, I was added to the URIBL_BLOCKED rule. Maybe it is a blacklist I need to get removed from?
It seems to me though that Spamassasin checks something else… not sure what,

Please note that the server configuration was not changed, altered since about 1 year.
And this problem (emails marked as SPAM) is happening since about 1 week.

Please take a look here: CachingNameserver - SPAMASSASSIN - Apache Software Foundation

Does it mean that Cloudflare is the problem and I have to configure something else in a different way?

This error appears when the nameservers in the /etc/resolv.conf file are not permitted to perform DNS lookups to the URIBL servers.

At a minimum, I’d try restarting spamd. Perhaps, have a look at How to get rid of SpamAssassin URIBL_BLOCKED Administrator notice – Blog | Unix (alltime.pp.ua).

This is the content:

# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search localdomain
nameserver 2001:4860:4860::8888

These seem to be Aruba’s DNS servers. The mail server is hosted in Aruba VPS.
They don’t seem to be free DNS servers that I should avoid using… they seem to be legit.

Many blacklisting services don’t allow queries from freely available DNS servers, and that includes (or may include) whatever DNS your provider provides you.

For e-mail servers you really have to (or should!) use your own recursive resolver. Unbound is a common choice that works perfectly.

Thank you for your help.
I installed Unbound and it works (it caches the dsn queries and the second time they take 0 msec to resolve).

However the problem is not resolved, because still:
May 03 21:31:56 mail01 spamd[12054]: spamd: result: . 1 - ALL_TRUSTED,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_REPLYTO,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED scantime=0.3,size=1407,user=vmail,uid=994,required_score=5.0,rhost=localhost,raddr=,rport=47878,mid=<[email protected]>,autolearn=no autolearn_force=no

Do you know if I have to add this forwarding configuration to my provider’s DNS?

Just in case it may help, I put my configuration here.

It looks that your IP address is blocked from QUERYING the URIBL, which does not necessarily mean that your IP address is actually in the blacklist.

If this gives you so much trouble, why not just disable URIBL?

Note that this very likely has zero effect on Outlook classifying your e-mails as Junk. E-mail deliverability is a world in itself, and my best advice would be to use a professional e-mail service/server, instead of rolling your own.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.