Loading ...
Sorry, an error occurred while loading the content.
 

Re: dnsblog lookup error questions

Expand Messages
  • Stan Hoeppner
    ... Your bind setup should be fine. There s probably no need to change anything. ... To be clear, Spamhaus only blocks queries from DNS resolvers. So you re
    Message 1 of 14 , Nov 11, 2012
      On 11/10/2012 7:32 PM, Alex wrote:

      >> If you are running a local recursing resolver, such as pdns-recursor, on
      >> this host, then the IP of this host is relevant to Spamhaus.
      >
      > If bind works okay, and any errors seem to be related to spamhaus
      > itself, does it really warrant changing it to another name server?
      >
      > I read a little about it, and see they have an RPM. I have bind
      > configured to use the root servers, and it's running okay, so I don't
      > know that I need to change it.

      Your bind setup should be fine. There's probably no need to change
      anything.

      >> The issue is likely that the configured DNS resolvers are public servers
      >> that have been banned by Spamhaus in the past. As others have mentioned
      >> there are many ISP type DNS resolvers that are not allowed to query
      >> Spamhaus' servers.
      >
      > Yes, I've changed postscreen to use the host given to me specifically,
      > and it seems to be working okay.
      >
      > I should have mentioned that I was only using the public DNS servers
      > during testing, before I realized spamhaus had my server blocked.

      To be clear, Spamhaus only blocks queries from DNS resolvers. So you're
      saying your bind server was being blocked? Or you were using AT&T or
      Quest resolvers, for example?

      >>> Thanks so much for everyone's help.
      >>
      >> You're welcome "Alex". ;) Apologies if I 'leaked' any details you may
      >> not have wanted public, but since I'm maintaining your anonymity I
      >> figured this would be fine.
      >
      > Nah, not worried. I think I'm a good judge of character :-)

      :)

      > Thanks again for your help. Nearly all of the last two weeks without
      > power, yet I managed to support my network remotely with hardly the
      > customers being impacted, and their users had absolutely no idea. I'd
      > say this old sysadmin did pretty darn good :-)

      Indeed.

      --
      Stan
    Your message has been successfully submitted and would be delivered to recipients shortly.