On Sat, 22 Jun 2013, Robert S wrote:
That wasn't the complete reply - hit the reply button too soon . . .
The two addresses at the top are my ISP's DNS servers and the bottom is the
IP address of my server. I still get the administrator notice with this
configuration. Is there an additional step that I need to take? I'm not a
DNS expert.
Nameservers are generally tried in the order listed. Your BL traffic is
probably being aggregated with a bunch of other clients of your ISP.
If you're running dnsmasq locally, you should list it first so that you
take advantage of its local cache and only fall back to direct queries of
your ISP's servers if dnsmasq fails for some reason.
I only run a small business and I doubt that we'd be exceeding the URIBL
quota.
Ok, good.
I'm not extremely familiar with dnsmasq, but I don't think it's capable of
acting as a recursive DNS server on its own.
It's not too difficult to set up a recursive local nameserver if you
aren't hosting any authoritative entries (i.e. if you're not providing the
main DNS for domain(s) that you own). The important thing is to make sure
that third parties can't come in from the internet and use your recursive
DNS server. "open" recursive DNS servers are abused by those performing
DDOS attacks.
On Sat, Jun 22, 2013 at 2:08 PM, Robert S <robert.spam.me.sensel...@gmail.com>
wrote:
This message seems to get blocked in a lot of blocklists (which also
seem to happen to my users' messages).
That's the first thing you need to resolve.
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked.
See
http://wiki.apache.org/**spamassassin/DnsBlocklists#**dnsbl-block<http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block>
for more information.
This means your URIBL queries are exceeding the limit for unpaid access.
How is your SA/MTA DNS set up?
I think we're on the right track. I use dnsmasq with no extra
customisations. My resolv.conf looks like this:
$ cat /etc/resolv.conf
domain mydomain.net.au
nameserver 202.136.42.205
nameserver 202.136.43.205
nameserver 192.168.0.33
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Maxim XXXV: That which does not kill you has made a tactical error.
-----------------------------------------------------------------------
386 days since the first successful private support mission to ISS (SpaceX)
