On Wed, 2009-08-05 at 10:34 -0600, LuKreme wrote: > On Aug 4, 2009, at 6:35, d.h...@yournetplus.com wrote: > > > Quoting LuKreme <krem...@kreme.com>: > > > >> On 3-Aug-2009, at 18:36, Dennis G German wrote: > > > > If you use the lists as an RBL to reject at SMTP, you will end up > > rejecting legitimate email. Here, I have the zones rsync to rbldnsd > > locally and have SA rules test the last external IP. > > If you do it right, you are very unlikly to lose legitimate bounces.
I thought I'd test a few rules on it, but I'm having trouble getting rbldnsd to deal with the zones. Does anyone have a sample config that works? I've gotten other zones to load via rbldnsd, so I'm sure it's something stupid on my part, or maybe it just doesn't like - in zonenames... service rbldnsd restart Stopping rbldnsd: invaluement [ OK ] Starting rbldnsd: invaluement [ OK ] Stopping rbldnsd: uceprotect [ OK ] Starting rbldnsd: uceprotect [ OK ] Starting rbldnsd: dnsbl-2.uceprotect.net:ip4set:uceprotect/dnsbl-2.uceprotect.net rbldnsd: no zone(s) to service specified (-h for help) [FAILED] Starting rbldnsd: dnsbl-3.uceprotect.net:ip4set:uceprotect/dnsbl-3.uceprotect.net rbldnsd: no zone(s) to service specified (-h for help) [FAILED] Stopping rbldnsd: uceprotect4 [ OK ] Starting rbldnsd: uceprotect4 [ OK ] The relevant stanza is uceprotect -r/var/lib/rbldnsd -q -b127.0.0.1/5354 \ dnsbl-1.uceprotect.net:ip4set:uceprotect/dnsbl-1.uceprotect.net \ dnsbl-2.uceprotect.net:ip4set:uceprotect/dnsbl-2.uceprotect.net \ dnsbl-3.uceprotect.net:ip4set:uceprotect/dnsbl-3.uceprotect.net \ Once I get that running I'll try to tackle a meta rule for blank from: and -- Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX www.austinenergy.com
signature.asc
Description: This is a digitally signed message part