On Tuesday, October 12, 2004, 10:28:06 AM, Nate Schindler wrote: > Once in a while, I notice a hit for an RBL-related test that seems a little > off. When I check for the existance of a record in the list, I can't find > one. Below is a match SA 3 found in an e-mail > from one of our dealers. I thought it was curious that they were listed, so > I checked into it, and couldn't find this domain in surbl. This isn't > limited to URIBL lists. I've noticed misfires in > most of the lists SA checks. My Net::DNS is v0.46.
> * 1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist\n\t* > [URIs: vantagemobility.com] > Any ideas? > TIA, > Nate It would be useful if you could forward the messages that falsely trigger on RBLs, along with name resolution results on the specific RBL nearby in time, such as: > % dig vantagemobility.com.ws.surbl.org > > ; <<>> DiG 8.3 <<>> vantagemobility.com.ws.surbl.org > ;; res options: init recurs defnam dnsrch > ;; got answer: ;; ->>>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50731 > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; QUERY SECTION: > ;; vantagemobility.com.ws.surbl.org, type = A, class = IN [...] (and similar lookups on numeric RBLs like dig 2.0.0.127.sbl.spamhaus.org) There have been other sporadic reports of RBL misfires, which leads me to wonder about the possibility of a rarely hit bug somewhere in the RBL code. Unfortunately this kind of thing seems hard to debug given the dynamic nature of messages and RBLs, but there are enough reports to make me wonder.... Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
