Re: Fwd: Fwd: URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.

[Bowie Bailey]

On 2/14/2017 10:01 AM, Emin Akbulut wrote:


-- Forwarded message --
From: *Bowie Bailey* mailto:bowie_bai...@buc.com>>
Date: Tue, Feb 14, 2017 at 5:44 PM
Subject: Re: Fwd: URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to
URIBL was blocked.
To: users@spamassassin.apache.org


That page is suggesting that you find the authoritative server for
blacklist domains and force those domain queries to go to those
servers.  This will fix the problem, but it is a bit fragile since
your lookups will start failing if those domains ever change their
DNS setup.
A better idea is to have your server stop forwarding altogether. 
Let your DNS server query the root servers and figure out the

authoritative DNS servers for the domains itself.  This is how DNS
servers were designed to work and there are few reasons not to do
it this way.  Unfortunately, I have no idea where those settings
are in the Windows DNS server.


That was the problem. I couldn't find the correct IP addresses. That's 
why I asked here how to configure conditional forwarders correctly, I 
mean IP addresses for uribl.com , etc.


The page you referenced actually showed how to do that.

C:\> nslookup -querytype=ns uribl.com

uribl.com   nameserver = v.uribl.net
uribl.com   nameserver = o.icudp.com
uribl.com   nameserver = c.sarules.net
uribl.com   nameserver = p.icudp.net

c.sarules.net   internet address = 52.9.94.53
o.icudp.com internet address = 54.149.125.143
p.icudp.net internet address = 94.228.131.217
v.uribl.net internet address = 52.71.102.73

The IP addresses listed are all nameservers for uribl.com.

Now my DNS server runs like a DNS server, uses root DNS servers to 
resolve names.


A much better idea.


fbb
I think I should "subscibe" to uribl's paid system if any.


You don't need to unless you continue to get blocked.  Or if you just 
want to support them.


Before you think about paying, make absolutely sure that you are 
querying them directly.  The paid service still won't work (afaik) if 
you are using forwarding.


--
Bowie

Fwd: Fwd: URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.

[Emin Akbulut]

> -- Forwarded message --
> From: Bowie Bailey 
> Date: Tue, Feb 14, 2017 at 5:44 PM
> Subject: Re: Fwd: URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL
> was blocked.
> To: users@spamassassin.apache.org
>
> That page is suggesting that you find the authoritative server for
> blacklist domains and force those domain queries to go to those servers.
> This will fix the problem, but it is a bit fragile since your lookups will
> start failing if those domains ever change their DNS setup.
> A better idea is to have your server stop forwarding altogether.  Let your
> DNS server query the root servers and figure out the authoritative DNS
> servers for the domains itself.  This is how DNS servers were designed to
> work and there are few reasons not to do it this way.  Unfortunately, I
> have no idea where those settings are in the Windows DNS server.


That was the problem. I couldn't find the correct IP addresses. That's why
I asked here how to configure conditional forwarders correctly, I mean IP
addresses for uribl.com, etc.

Now my DNS server runs like a DNS server, uses root DNS servers to resolve
names.

I think I should "subscibe" to uribl's paid system if any.