>From: Chris <cpoll...@embarqmail.com> >Sent: Wednesday, May 13, 2015 8:50 AM >To: Jeremy McSpadden >Cc: users@spamassassin.apache.org >Subject: Re: Turning off queries to SORBS
>On Wed, 2015-05-13 at 02:05 +0000, Jeremy McSpadden wrote: >> dig +trace and see if your ISP is intercepting queries. >> >> -- >> Jeremy McSpadden | Flux Labs >> Local - 850-250-5590x501 | Mobile - 850-890-2543 >> Fax - 850-254-2955 | Toll Free - 877-699-FLUX >> Web - http://www.fluxlabs.net >> >Jeremy, I'm replying to you again and Ccing the list which I forgot to >do last night. Below are the results of the above command. I don't see >anywhere my ISP is involved. I've put the output on pastebin so it >doesn't get mangled here on the list dig +trace >54.139.130.12.dnsbl.sorbs.net >http://pastebin.com/up0A2xD1 Dig +trace doesn't work quite like that. It will show you exactly what a recursive DNS server would do on a client's behalf when doing a full recursive query to the Internet -- not forwarding to another DNS caching server. It's very helpful to troubleshoot DNS servers giving bad/stale info but it's not able to help you see your DNS query flow. You just have to look at your /etc/resolv.conf to see where it's pointed and start there. If you aren't sure that the DNS server in /etc/resolv.conf isn't doing full recursive lookups on it's own, then you need to find one or stand up your own private DNS server so you know what it's doing for sure. If you have a high volume of mail (more than a few hundred to a thousand mailboxes as a rough number), I would recommend setting up your own DNS recursive server (PowerDNS recursor or BIND) with forwarding disabled. Then also setup the same thing on each SA mail server but forward to your new private DNS server, then update the /etc/resolv.conf to point to 127.0.0.1. SA server (/etc/resolv.conf) -> 127.0.0.1 -> private DNS server (not forwarding) -> Internet >Chris >> On May 12, 2015, at 8:49 PM, Chris <cpoll...@embarqmail.com> wrote: >> >> >> > Is there a way to turn off queries to SORBS so I don't keep seeing >> > this >> > in my logs: >> > >> > error (connection refused) resolving >> > '23.164.11.209.dnsbl.sorbs.net/A/IN': 67.228.187.34#53 >> > >> > I have Bind9 setup as a caching name server and am using 127.0.0.1 >> > as my >> > DNS >-- >Chris >KeyID 0xE372A7DA98E6705C >31.11°N 97.89°W (Elev. 1092 ft) >08:44:59 up 2 days, 2:54, 3 users, load average: 0.20, 0.18, 0.23 >Ubuntu 14.04.2 LTS, kernel 4.0.0-997-generic #201503310205 SMP Tue Mar >31 02:07:04 UTC 2015
