Ken A wrote:
>
>> May 11 12:00:09 pop spamd[47940]: dns: sendto() failed: No route to host
>> Host: 190.57.78.66.bl.spamcop.net. at
>> /usr/local/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/DnsResolver.pm
>> line
>> 340, <GEN1444> line 137.
>>
>> Of course, hosts like 190.57.78.66.bl.spamcop.net are DNSBL blacklist
>> members, and they resolve to nothing at all, which is why there is no
>> route
>> to host. But why is spamd suddenly spewing these errors now? It didn't do
>> this before the firewall was in place.
>
> They don't resolve to nothing at all. The response from the DNS server
> is usually NXDOMAIN, not 'no route to host'; you get _that_ when you
> block the connection to the dns server you are using.
>
> --
> Ken Anderson
> Pacific.Net
>
>
Ah. So it meant that there was no route to host when it tried to connect to
our primary nameserver. And that the firewall must have been blocking said
connections. Like firewalls tend to do when an internal IP address tries to
access another internal host by its public IP address.
I updated /etc/resolv.conf and all is well again. Your post was most
enlightening. :)
It might be a good idea to change DnsResolver.pm to make this error message
clearer. I've googled this error message and other people are similarly
confused. "DNS lookup failed" would be a good one.
--
View this message in context:
http://www.nabble.com/So-you-wanted-to-firewall-your-mail-server...-tf3729493.html#a10439995
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
