Chris wrote: > Is there a way to turn off queries to SORBS so I don't keep seeing this > in my logs: > > error (connection refused) resolving > '23.164.11.209.dnsbl.sorbs.net/A/IN': 67.228.187.34#53 > > I have Bind9 setup as a caching name server and am using 127.0.0.1 as my > DNS.
Are you seeing problems with the actual lookups failing, or just upset about the log noise? I get a fair volume of similar failures in my own log on my personal server (4 live accounts, ~500 messages daily, most spam; log since weekly rotation on Sunday): [root@hex ]# grep 'connection refused' /var/log/messages|grep sorbs|awk '{ print $10; }'|sort|uniq -c 2 113.52.8.150#53 79 174.36.198.233#53 74 174.36.235.174#53 40 67.228.187.34#53 yet the actual lookups don't fail, they fall over to another upstream server. If it's really that big a problem, you can suppress all such log messages in the BIND config. Depending on which syslog daemon you're using, you may be able to suppress only the SORBS failures from reaching the log file. I'm not sure, but you may even be able to tell BIND to either not log failures only for SORBS, or never attempt lookups off of the failing servers in the first place. -kgd