Re: Multiple REFUSED logs with sorbs.net ?
On 18/05/2024 08:14, J Doe wrote: Hello, I make use of SpamAssassin 4.0.0 on a low volume e-mail server. I also run my own validating resolver with Bind 9.18.27 on the e-mail server. The only piece of software I have in my e-mail stack that uses SORBS is SpamAssassin. I have noticed in my resolver logs multiple entries where a query of SORBS results in REFUSED results. Here is an example entry: 10-May-2024 05:34:39.024 lame-servers: info: REFUSED unexpected RCODE resolving 'rbldns10.sorbs.net/A/IN': 108.59.172.201#53 While some queries succeed and SpamAssassin appears to be able to use SORBS, there are always *multiple* REFUSED results only for sorbs.net. Am I exceeding the number of free queries that SORBS allows ? If so, do I need to register with SORBS (similar to how SpamHaus requires registration to use their DQS service) ? If so, how do I update my SA configuration ? Thanks, - J SORBS has been ultra sensitive like that for a few years now, it allows lookups, then it doesn't, seconds later it does, I suspect an ill configured DoS protection mechanism that's overly paranoid, but good luck getting anyone their to listen. -- Regards, Noel Butler
Multiple REFUSED logs with sorbs.net ?
Hello, I make use of SpamAssassin 4.0.0 on a low volume e-mail server. I also run my own validating resolver with Bind 9.18.27 on the e-mail server. The only piece of software I have in my e-mail stack that uses SORBS is SpamAssassin. I have noticed in my resolver logs multiple entries where a query of SORBS results in REFUSED results. Here is an example entry: 10-May-2024 05:34:39.024 lame-servers: info: REFUSED unexpected RCODE resolving 'rbldns10.sorbs.net/A/IN': 108.59.172.201#53 While some queries succeed and SpamAssassin appears to be able to use SORBS, there are always *multiple* REFUSED results only for sorbs.net. Am I exceeding the number of free queries that SORBS allows ? If so, do I need to register with SORBS (similar to how SpamHaus requires registration to use their DQS service) ? If so, how do I update my SA configuration ? Thanks, - J
uridnsbl_skip_domain question
Hi guys, I have configured exclusion for some common domains e.g. gov.sk in SA: uridnsbl_skip_domain [...] gov.sk slovensko.sk However it seems that that domain is still queried: 9826 68.951573127.0.0.1 → 127.0.0.1DNS 104 Standard query 0xbffe A mail.gov.sk.multi.uribl.com OPT in SA 4 docs I see that: uridnsbl_skip_domain domain1 domain2 ... Specify a domain, or a number of domains, which should be skipped for the URIBL checks. This is very useful to specify very common domains which are not going to be listed in URIBLs. In addition to trimmed domain, the full hostname is also checked from the list. Do I have to exclude subdomains for each host too? (this would kind of defeat the directive imho). This is SA 3.4.6 (debian 11) which does not have the latter paragraph but I assume the difference is only in documentation -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. You have the right to remain silent. Anything you say will be misquoted, then used against you.