I know this has been covered before, e.g., https://lists.gt.net/spamassassin/users/198845/?page=1;mh=-1; & https://lists.gt.net/spamassassin/users/199135 as well as off list at Ubuntu at https://serverfault.com/questions/644707/uribl-blocked-on-ubuntu-14-04-server-with-working-dnsmasq. Here’s what we’re getting on 2 Fedora 25 servers:
host -tTXT test.uribl.com.multi.uribl.com test.uribl.com.multi.uribl.com descriptive text "127.0.0.1 -> Query Refused. See http://uribl.com/refused.shtml for more information [Your DNS IP: 74.125.19.15]" [root@storm audit]# Note the DNS IP is a Google IP and always changes when I run the command. I just want to make sure I’m not missing something. NetworkManager and network service are running and here you can see dnsmasq running with NM: NetworkManager.service - Network Manager Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2017-05-17 17:07:27 EDT; 17h ago Docs: man:NetworkManager(8) Main PID: 24310 (NetworkManager) Tasks: 4 (limit: 4915) CGroup: /system.slice/NetworkManager.service ├─24310 /usr/sbin/NetworkManager --no-daemon └─24468 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid --listen-address=127.0.0.1 --cache-size=400 --conf-file=/dev/null --proxy-dnssec --enable-dbus=org.free Some logs to show dnsmasq in use: May 17 14:23:32 ourserver dnsmasq[2336]: reading /etc/resolv.conf May 17 14:23:32 ourserver dnsmasq[2336]: using nameserver 150.108.x.yy#53 May 17 14:23:32 ourserver dnsmasq[2336]: using nameserver 150.108.x.zz#53 May 17 14:23:32 ourserver dnsmasq[2336]: reading /etc/resolv.conf May 17 14:23:32 ourserver dnsmasq[2336]: using nameserver 127.0.0.1#53 cat /etc/resolv.conf # Generated by NetworkManager search subdomain.ourdomain.edu nameserver 127.0.0.1 dns=dnsmasq is set in the [main] section of /etc/NetworkManager/NetworkManager.conf And some digs to show before/after: dig www.google.co.nz ; <<>> DiG 9.10.4-P8-RedHat-9.10.4-5.P8.fc25 <<>> www.google.co.nz ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50850 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;www.google.co.nz. IN A ;; ANSWER SECTION: www.google.co.nz. 299 IN A 172.217.10.67 ;; Query time: 20 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu May 18 10:52:59 EDT 2017 ;; MSG SIZE rcvd: 61 [root@storm audit]# dig www.google.co.nz ; <<>> DiG 9.10.4-P8-RedHat-9.10.4-5.P8.fc25 <<>> www.google.co.nz ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53814 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.google.co.nz. IN A ;; ANSWER SECTION: www.google.co.nz. 297 IN A 172.217.10.67 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu May 18 10:53:01 EDT 2017 ;; MSG SIZE rcvd: 61 host -tA 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com has address 127.0.0.1 /etc/dnsmasq.conf port=0 resolv-file=/etc/resolv.dnsmasq strict-order no-dhcp-interface=enp7s0f0 bind-interfaces listen-address=127.0.0.1,150.108.xx.yy,127.0.1.1 interface=enp7s0f0 domain=ourdomain.ourschool.edu /etc/resolv.dnsmasq search subdomain.ourschool.edu ourschool.edu nameserver 150.108.x.yy nameserver 150.108.y.xx /etc/resolv.conf # Generated by NetworkManager search subdomain.ourschool.edu nameserver 127.0.0.1 Am I missing something?