On 2026-04-09 at 07:04:18 UTC-0400 (Thu, 09 Apr 2026 14:04:18 +0300)
Anders Gustafsson <[email protected]>
is rumored to have said:
Hi!
I am beginnig to se validity check errors in my spam processing:
0.4 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
So I created an account with them but still see the errors. Wha I
asked them they say they do not see my
public IP anywhere. Are the SA Validity queries coming from somewhere
else?
SA does DNS queries using the system's configuration (i.e.
/etc/resolv.conf) unless you specify the use of a different resolver in
the configuration. If a machine has multiple interfaces or multiple
addresses on one interface, SA will use the default interface and source
address.
If you don't have a caching recursive resolver on the machine you're
running SA, fix that. DO NOT USE dnsmasq, it will make you sad. If your
resolv.conf (and any internal config for the resolver software) directs
queries to remote DNS servers rather than doing the recursion itself,
fix that. DNS predominantly uses UDP, so if you filter that you must be
careful. If you're behind NAT, make sure it is properly NAT'ing UDP.
Some cheap routers will happily translate TCP addresses while leaving
UDP packets unmolested and unrouteable. I expect that if Validity sees
packets claiming to be from RFC1819 (private) IPs, they just drop them.
--
Bill Cole
[email protected] or [email protected]
(AKA @[email protected] and many *@billmail.scconsult.com
addresses)
Please keep discussion mailing list replies *on-list*
Not Currently Available For Hire
