On Tue, 10 Jun 2014, Andrew Daviel wrote:
Per http://ahbl.org/content/changes-ahbl, AHBL is going away (still used in
spamassassin-3.3.1)
Meanwhile, AHBL is serving strange DNS responses, e.g.
(from wireshark)
1 0.000000 142.90.100.186 -> 162.243.209.249 DNS 93 Standard query 0xc828
A zuz.rhsbl.ahbl.org
2 0.072481 162.243.209.249 -> 142.90.100.186 DNS 246 Standard query
response 0xc828
Authoritative nameservers
rhsbl.ahbl.org: type NS, class IN, ns invalid.ahbl.org
rhsbl.ahbl.org: type NS, class IN, ns unresponsive.ahbl.org
rhsbl.ahbl.org: type NS, class IN, ns unresponsive2.ahbl.org
Name Server: unresponsive2.ahbl.org
Additional records
invalid.ahbl.org: type A, class IN, addr 244.254.254.254
Addr: 244.254.254.254 (244.254.254.254)
unresponsive.ahbl.org: type A, class IN, addr 10.230.230.230
Addr: 10.230.230.230 (10.230.230.230)
unresponsive2.ahbl.org: type A, class IN, addr 192.168.230.230
Addr: 192.168.230.230 (192.168.230.230)
invalid.ahbl.org: type AAAA, class IN, addr fe80::
Addr: fe80::
This last one, fe80::, is an IPv6 scope-link address that causes the BIND
nameserver to log a weird error
named[31365]: socket.c:4373: unexpected error:
named[31365]: 22/Invalid argument
Per http://www.mail-archive.com/bind-users@lists.isc.org/msg05240.html
connect() fails as it is missing scoping information.
Umm, with a name like "invalid.ahbl.org" what do you expect? That's
truth in advertising. It's 'invalid', as a matter of fact all of those
addresses aren't usable, they're either RFC-1918 or multicast/local-scope.
So none of those are valid for remote queries.
Do NOT use rhsbl.ahbl.org. period. end of song.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
