spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dominic Raferd <>
Subject Re: DNS and RBL problems
Date Sat, 15 Sep 2018 07:42:03 GMT

On 15/09/2018 02:44, Alex wrote:
> On Fri, Sep 14, 2018 at 4:24 PM Daniel J. Luke <> wrote:
>> On Sep 14, 2018, at 3:26 PM, Kevin A. McGrail <> wrote:
>>> On 9/14/2018 3:22 PM, Alex wrote:
>>>> I wish it were that easy. /etc/resolv.conf is set up to use,
>>>> which is bind configured as a my local caching resolver.
>>> Sinister issues like this are hard.  I'll try and escalate our plans for
>>> rsync access.
>> Alex - have you looked at bad checksum counters on the host? (netstat -s) - I've
seen strange issues before with broken network hardware (or bugs in switch/router code) caused
changes to packets as they passed through the 'bad' device. The first hints were those counters
increasing at the same time as the mysterious issue happening.
> I don't see anything relating to bad checksums with netstat :-( I've
> also tried numerous ethtool config changes. I've also looked through
> hundreds of packets with tcpdump and wireshark.
> This isn't a spamassassin message, but does anyone with a postfix
> system ever see similar "Name service error" messages such as the one
> below?
> Sep 14 21:12:54 mail03 postfix/dnsblog[3713]: warning: dnsblog_query:
> lookup error for DNS query Host or
> domain name not found. Name service error for
> type=A: Host not found, try
> again
> It appears to occur quite frequently, and on multiple unrelated
> systems. I'd love to find out what's causing it. The postfix people
> ascribed it to a remote server problem, but I can't believe virtually
> all RBLs, including spamhaus, would have such intermittent problems
> with *their* name servers.

On one of our mailservers (but not others, which are at different 
locations with different isps) we had a problem with queries to rbls 
being blocked either by the rbls themselves or by one of the 
intermediate dns servers. So we set up local bind9 resolver; it uses 
forwarding for normal queries but for the rbls we set up special zones 
to prevent forwarding. Example:

zone "" { type forward; forward first; 
forwarders {}; };

This solved nearly all our problems - we still see 
refusing some queries from this mailserver (despite this ip being 
registered with them). But not from our other mailservers, and not any 
other rbls.

View raw message