Re: [exim] SBL checks not working

Author: Duane Hill
Date:  
To: exim-users
Subject: Re: [exim] SBL checks not working
On Wednesday, May 29, 2013 at 4:10:45 AM UTC, other@??? confabulated:

> Thank you to everyone who has replied! :)


> The thought of installing my own caching nameserver on the VPS and
> using that as my local resolver to get around this issue did also cross
> my mind, however I am already running the powerdns authoritative server on
> there to serve out all my zones. Getting the powerdns recursor to work
> on the server would be painful (I guess I could create a jail and run it
> in there, or bind it to a sub interface ip so it doesn't clash)....


> I am a little pissed at my vps provider for assuming that OpenDNS is an
> adequate default for everyone. I have raised a support ticket with them
> to see whether they have a local resolver. I can see the company has
> COLO at a provider in LA (possibly Quadranet). I am sure there must be a
> set of local resolvers for the data centre location that will work (this
> is certainly the case for my work, we have colo at Hurricane Electric,
> HE have a set of resolvers that one can use there).. I have asked the
> provider for these if they don't have their own local one in the US.


> I guess the local caching nameserver is one way out of this, an
> overkill one, but an option... I was really hoping to avoid it if I can.
> What a pain in the butt..


I don't consider the resolver being local unless it is running on the
server I have Exim running.

All of my servers running here have this as the resolv.conf:

domain localhost
nameserver 127.0.0.1

and bind running. I know bind is overkill. However, I have never
had issues running this way for quite a number of years.

> On 2013-05-29 12:01, Ted Cooper wrote:
>> On 29/05/13 11:50, Duane Hill wrote:
>>> Set your FreeBSD to use a local resolver (if you can). Some ISP/DNS
>>> services will return a resolvable result pointing to a common place
>>> for addresses that do not resolve or return an NX lookup result.
>>
>> Look out for VPS providers that block DNS queries that don't go through
>> their provided DNS servers. Can be a royal pain when attempting to do a
>> dig +trace only to have every part of it blocked.
>>
>>> Also, RBLs like spamhaus.org will block lookups from public DNS
>>> servers.
>>
>> Or ISP DNS servers unless they have a deal with the DNS RBL providers to
>> locally mirror the zone. That is a fairly rare situation in my
>> experience.
>>
>> Basically, your servers should be querying directly, or have a
>> commercial deal with them.
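
Added example (not part of the original message, and not Exim code): a resolver check for the two failure modes described in this thread, NXDOMAIN rewriting and DNSBLs refusing public resolvers. It probes the RFC 5782 test points 127.0.0.2 (always listed) and 127.0.0.1 (never listed). The zone name, the 127.255.255.0/24 error range (Spamhaus's documented error return codes) and the sample resolver behaviours are assumptions constructed for illustration.

```python
import ipaddress
import socket

ZONE = "zen.spamhaus.org"  # assumed zone; any RFC 5782 DNSBL behaves the same way
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
ERROR_RANGE = ipaddress.ip_network("127.255.255.0/24")  # Spamhaus error return codes

def dnsbl_name(ip, zone=ZONE):
    """Query name for an IPv4 address: reversed octets followed by the zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def classify(answers):
    """Classify the A records returned for one DNSBL query ([] means NXDOMAIN)."""
    addrs = [ipaddress.ip_address(a) for a in answers]
    if not addrs:
        return "not-listed"
    if any(a not in LOOPBACK for a in addrs):
        return "rewritten"   # resolver substituted its own address for NXDOMAIN
    if any(a in ERROR_RANGE for a in addrs):
        return "error"       # the DNSBL answered, but with a refusal code
    return "listed"

def resolver_verdict(lookup, zone=ZONE):
    """Probe the RFC 5782 test points via lookup(name) -> list of A records."""
    must_list = classify(lookup(dnsbl_name("127.0.0.2", zone)))  # always listed
    must_not = classify(lookup(dnsbl_name("127.0.0.1", zone)))   # never listed
    if (must_list, must_not) == ("listed", "not-listed"):
        return "usable"
    if "rewritten" in (must_list, must_not):
        return "nxdomain-rewriting"
    if "error" in (must_list, must_not):
        return "refused-by-dnsbl"
    return "blocked-or-filtered"

def system_lookup(name):
    """Live lookup through whatever resolv.conf points at."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

# Constructed resolver behaviours (not captures), keyed by description.
LISTED = dnsbl_name("127.0.0.2")
SAMPLES = {
    "local recursive": lambda n: ["127.0.0.2"] if n == LISTED else [],
    "rewrites NXDOMAIN": lambda n: ["127.0.0.2"] if n == LISTED else ["198.51.100.7"],
    "public, refused": lambda n: ["127.255.255.254"],
    "public, silently empty": lambda n: [],
}
```

Calling resolver_verdict(system_lookup) on the mail server runs the same probe against the resolver actually configured in resolv.conf.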