Re: [exim] SBL checks not working

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Ted Cooper at <-
MMDuane Hill at ->
Delete this message
Reply to this message
Author: other
Date:  
To: exim-users
Subject: Re: [exim] SBL checks not working
Thank you to everyone who has replied! :)

The thought of installing my own caching nameserver on the VPS and
using that as my local resolver to get around this issue did also cross
my mind, however I am already running the powerdns authoritive server on
there to serve out all my zones. Getting the powerdns recursor to work
on the server would be painful (I guess I could create a jail and run it
in there, or bind it to a sub interface ip so it doesn't clash)....

I am a little pissed at my vps provider for assuming that OpenDNS is an
adequate default for everyone. I have raised a support ticket with them
to see whether they have a local resolver. I can see the company has
COLO at a provider in LA (possibly Quadranet). I am sure there must be a
set of local resolvers for the data centre location that will work (this
is certainly the case for my work, we have colo at Hurricane Electric,
HE have a set of resolvers that one can use there).. I have asked the
provider for these if they don't have their own local one in the US.

I guess the local caching nameserver is one way out of this, an
overkill one, but an option... I was really hoping to avoid it if I can.
What a pain in the butt..

Alex.


On 2013-05-29 12:01, Ted Cooper wrote:
> On 29/05/13 11:50, Duane Hill wrote:
>> Set your FreeBSD to use a local resolver (if you can). Some
>> ISP/DNS
>> services will return a resolvable result pointing to a common
>> place
>> for addresses that do not resolve or return an NX lookup result.
>
> Look out for VPS providers that block DNS queries that don't go
> through
> their provided DNS servers. Can be a royal pain when attempting to do
> a
> dig +trace only to have every part of it blocked.
>
>> Also, RBLs like spamhaus.org will block lookups from public
>> DNS
>> servers.
>
> Or ISP DNS servers unless they have a deal with the DNS RBL providers
> to
> locally mirror the zone. That is a fairly rare situation in my
> experience.
>
> Basically, your servers should be querying directly, or have a
> commercial deal with them.

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] SBL checks not workingRe: [exim] SBL checks not working->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)