On Wed, 2009-08-05 at 10:34 -0600, LuKreme wrote: > On Aug 4, 2009, at 6:35, d.h...@yournetplus.com wrote: > > > Quoting LuKreme <krem...@kreme.com>: > > > >> On 3-Aug-2009, at 18:36, Dennis G German wrote: > > > > If you use the lists as an RBL to reject at SMTP, you will end up > > rejecting legitimate email. Here, I have the zones rsync to rbldnsd > > locally and have SA rules test the last external IP. > > If you do it right, you are very unlikly to lose legitimate bounces.
I thought I'd test a few rules on it, but I'm having trouble getting
rbldnsd to deal with the zones. Does anyone have a sample config that
works? I've gotten other zones to load via rbldnsd, so I'm sure it's
something stupid on my part, or maybe it just doesn't like - in
zonenames...
service rbldnsd restart
Stopping rbldnsd: invaluement [ OK ]
Starting rbldnsd: invaluement [ OK ]
Stopping rbldnsd: uceprotect [ OK ]
Starting rbldnsd: uceprotect [ OK ]
Starting rbldnsd:
dnsbl-2.uceprotect.net:ip4set:uceprotect/dnsbl-2.uceprotect.net rbldnsd:
no zone(s) to service specified (-h for help)
[FAILED]
Starting rbldnsd:
dnsbl-3.uceprotect.net:ip4set:uceprotect/dnsbl-3.uceprotect.net rbldnsd:
no zone(s) to service specified (-h for help)
[FAILED]
Stopping rbldnsd: uceprotect4 [ OK ]
Starting rbldnsd: uceprotect4 [ OK ]
The relevant stanza is
uceprotect -r/var/lib/rbldnsd -q -b127.0.0.1/5354 \
dnsbl-1.uceprotect.net:ip4set:uceprotect/dnsbl-1.uceprotect.net \
dnsbl-2.uceprotect.net:ip4set:uceprotect/dnsbl-2.uceprotect.net \
dnsbl-3.uceprotect.net:ip4set:uceprotect/dnsbl-3.uceprotect.net \
Once I get that running I'll try to tackle a meta rule for blank from:
and
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
www.austinenergy.com
signature.asc
Description: This is a digitally signed message part
