Re: [Exim] DNSBL Question/Alert

Top Page
Delete this message
Reply to this message
Author: James P. Roberts
Date:  
To: exim-users
Subject: Re: [Exim] DNSBL Question/Alert
As far as I know, there is no setting to disable a particular DNSBL "on
the fly" so to speak. I am sure I will be corrected if wrong! Philip,
is there any simple way to do something in the code, to achieve the
following:

(a) if we get some number of timeouts in a row, to a particular DNSBL,
temporarily stop using that DNSBL.
(b) write a message to the log when this occurs.
(c) do something (similar to existing retry rules?), to see if DNSBL
server has come back up yet.
(d) write to the log each time the DNSBL server is tested.
(e) resume using the DNSBL if the server has come back up.
(f) write to the log when this occurs.

Another idea balloon to float:

If using +defer_unknowns with one's DNSBL list, and if only one of
multiple DNSBL is giving timeouts, and the other(s) are giving a clean
bill of health, do not impose the defer.

That would prevent the situation that I hit, which was that, because a
single DNSBL went down, ALL incoming mail was suddenly getting deferred.
As a result, I've removed +defer_unknowns, which now puts me at risk of
accepting spam, if the DNSBL's I use are victimized by DOS attacks, for
example, or even just very high traffic. Which might occur during a
large spam attack... self-fulfilling... kind of a "throw so much water
at the dam that it flows over the top" thing. I sure don't want to
encourage that!

Any thoughts?

Jim Roberts
Punster Productions, Inc.

----- Original Message -----
From: "Mark Douglas" <md11@???>
To: <exim-users@???>
Sent: Wednesday, January 08, 2003 5:07 AM
Subject: Re: [Exim] DNSBL Question/Alert


> Hello
>
>
> > the (Osirusoft) DNS blocking list check began timing out
>
> Yesterday morning I was caught by this. Most SMTP connections were
> timing out and we eventually traced it to the Osirusoft lookup
> hanging. I removed that lookup and things seem normal.
>
> Newbie question:
>
> Can anyone tell me how I would get Exim 3.22 to ignore/drop a dead
> DNSBL so the whole system doesn't get bogged down? I feel like
> there's a setting I've missed.
>
> Also does anyone know what's happened to Osirusoft? We still can't
> reach it today.
>
> Thanks in advance
>
> Mark
>
> On 6 Jan 2003 at 17:59, Jon James wrote:
>
> snap I am having huge probs with this at the min :-(
>
>
> ----- Original Message -----
> From: "James P. Roberts" <punster@???>
> To: <exim-users@???>
> Sent: Monday, January 06, 2003 5:38 PM
> Subject: [Exim] DNSBL Question/Alert
>
>
> > Dear Exim List:
> >
> > +defer_unknown:relays.osirusoft.com
> >
> > caused problems for me, beginning about 7 AM EST today, Jan. 6,

2003.
> > The response time from this particular DNSBL is running around 20
> > seconds (at least, for a ping to it, as a quick check). As a

result,
> > the DNS blocking list check began timing out, and ALL incoming

messages
> > were deferred (until I went in and removed the +defer_unknowns, and

also
> > removed relays.osirusoft.com from the list... I kept the other one

I
> > use, as it still seems to be working well.)
> >
> > Does anyone perchance know what happened to Osirusoft?
> >
> > Anyway, check your logs, if you use this particular DNSBL.
> >
> > Jim Roberts
> > Punster Productions, Inc.
> >
> >
> > --
> >
> > ## List details at http://www.exim.org/mailman/listinfo/exim-users

Exim
> details at http://www.exim.org/ ##
> >
> >
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> Exim
> details at http://www.exim.org/ ##
>
>
>
>
>
> --
>
> Mark Douglas
> Postmaster
> School of Oriental and African Studies
> University of London
>
>
>
>
>
>