diff --git a/modules/email/email-diagnostics.sh b/modules/email/email-diagnostics.sh
index d00b8d2..2d953f0 100755
--- a/modules/email/email-diagnostics.sh
+++ b/modules/email/email-diagnostics.sh
@@ -566,8 +566,25 @@ if [ "$bounced" -gt 0 ]; then
 
         # Extract specific blacklists from rejection messages (strict filter to avoid false positives)
         TEMP_BLACKLISTS="/tmp/email_blacklists_$$.txt"
+        TEMP_BLACKLISTS_FILTERED="/tmp/email_blacklists_filtered_$$.txt"
+
+        # Initial extraction with broad pattern
         grep -iE "blacklist|block list|RBL|DNSBL|listed in|blocked using|on our block list|S3150|S3140|AS\(48|CS01|local policy|gmail.*(suspicious|reputation|spam|detected).*reputation|gmail.*detected.*suspicious|spamhaus|barracuda|spamcop|sorbs|abuseat|yahoo.*block|yahoo.*reject|aol.*block|aol.*reject|me\.com.*reject|icloud.*reject|mac\.com.*reject|protonmail.*block|protonmail.*reject|pm\.me.*reject|zoho.*block|zoho.*reject|fastmail.*block|fastmail.*reject|outlook.*block|hotmail.*block|live\.com.*block|msn\.com.*block" "$TEMP_BOUNCES" > "$TEMP_BLACKLISTS" 2>/dev/null || true
 
+        # ENHANCED: Filter out false positives with strict exclusions
+        # Exclude negation keywords, question contexts, and non-RBL blocks
+        if [ -s "$TEMP_BLACKLISTS" ]; then
+            grep -vE "not blacklist|not listed|NOT listed|no.*longer|removed from|delisted|successfully delisted|you.*can.*now|check if|if.*server|if your|we block|some.*block|unlike|rarely|are rare|except|not.*block|not.*in|but.*policy|policy.*block|firewall|rate limit|internally|internal.*block|local.*block|rejected.*not.*blacklist|based on sender|blocks are" "$TEMP_BLACKLISTS" > "$TEMP_BLACKLISTS_FILTERED" 2>/dev/null || true
+
+            # Use filtered version if it has content, otherwise use original
+            if [ -s "$TEMP_BLACKLISTS_FILTERED" ]; then
+                mv "$TEMP_BLACKLISTS_FILTERED" "$TEMP_BLACKLISTS"
+            else
+                # All messages were false positives, clear the file
+                > "$TEMP_BLACKLISTS"
+            fi
+        fi
+
         # Try to extract server IP from rejection messages
         extracted_ip=""
         if grep -qiE '\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]|from [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' "$TEMP_BLACKLISTS" 2>/dev/null; then