Amazon does not block the dns but the URIBL blocks the requests coming from the amazon subnet. I pointed the spamassasin to the server i run somewhere else and i used the port 1053 as a workaround as ATT blocks incoming udp 53.
So 1053 on my firewall forwards to 53 dns server. Now spamassassin is happy and URIBL db works. Thx for a tip about the DNS. Now, back to my ordinal question. Is http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists#Spam_Assassin_Examples good addition to fight spam or its DB is same as URIBL? thx > I could me misunderstanding, but it sounds like you have a DNS server on a > different host than your mail server and that Amazon blocks that. The recommendation is to install a DNS server on the *same* host as your mail > server. There will be no UDP traffic blocked between your mail server and > DNS server if they're on the same host because the traffic from DNS server > to mail server never leaves the box. > Normally DNS is configured to query root servers and other folks DNS servers on UPD 53; it's not clear to me if Amazon would be blocking that but I rather doubt it, as DNS is pretty much the backbone of the internet. > But even if they are, you can configure a DNS server to use TCP 53. It's > not as efficient but given that the DNS responses are cached, it's not all > that burdensome either. > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > -----Original Message----- > From: Junk [mailto:j...@lexoncom.com] > Sent: Friday, December 01, 2017 6:31 AM > To: Benny Pedersen > Cc: Junk; users@spamassassin.apache.org > Subject: Re: FIlter >> Junk skrev den 2017-12-01 05:35: >>> I understand your concern and I agree but like I said at this point I cannot get over the dns issue unless you give me a dns server ip that will respond to my queries for the uribl. >> apt-get install bind9 > you did not reab my answer. > I do have the dns server running but my isp does not allow udp port, so i > cannot point my amazon server to it. >> configure it to NOT forward any dns queries to any other dns server, eg it should just be listing on 127.0.0.1, and recolv.conf have just nameserver 127.0.0.1 >> if amazon cant allow you to do this you should change vps hoster > Its not amazons fault. It is URIDB blocking amazons subnets. >>> My original question was about specific filter. >> i belive you would like uribl to work like junkmailfilter do > This still does not answer my original question.
