[rbldnsd] starting out with rbldnsd: all is REFUSED

David Landgren rbldnsd@corpit.ru
Wed, 15 Oct 2003 15:35:09 +0200 

Michael Tokarev wrote:

[..]
>> dig -p 20053 @81.80.147.196 2.0.0.127.dnsbl.bpinet.com A
> 
> 
> The syntax is: base_dn:type:file.  Your base_dn seems to be
> dnsbl.bpinet.com, not 127.0.0.2 or 127.0.0.5... ;)
> Sure rbldnsd will refuse to answer to the above question,
> because it knows nothing about dnsbl.bpinet.com, and it is
> not a recursive resolver.  Base_dn is what you put in $BASE
> for rbldns.  I don't know what did you mean by specifying
> IP addresses here, but the command line should look like:
> 
>   rbldnsd ... dnsbl.bpinet.com:ip4set:2.data dnsbl.bpinet.com:dnset:5.data

That did the trick.

> []
> 
>> One other question, for the record .sendmeoffers.com do I test that 
>> with com.sendmeoffers.dnsbl.bpinet.com or 
>> sendmeoffers.com.dnsbl.bpinet.com . The documentation isn't clear on 
>> the matter (or I can't read documentation, a distinct possibility).
> 
> 
> Well, domain names always used in the normal form:
> sendmeoffers.com.dnsbl.bpinet.com.  Only IP addresses
> will be in reverse.

Well, now that it's working this is of course trivial to determine myself:

% dig -p 20053 @81.80.147.196 foo.sendmeoffers.com.dnsbl.bpinet.com TXT

; <<>> DiG 9.2.2 <<>> -p 20053 @81.80.147.196 
foo.sendmeoffers.com.dnsbl.bpinet.com TXT
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1240
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;foo.sendmeoffers.com.dnsbl.bpinet.com. IN TXT

;; ANSWER SECTION:
foo.sendmeoffers.com.dnsbl.bpinet.com. 3600 IN TXT "spamhaus 
sendmeoffers.com"

;; AUTHORITY SECTION:
dnsbl.bpinet.com.       3600    IN      NS      ns.dnsbl.bpinet.com.

;; Query time: 174 msec
;; SERVER: 81.80.147.196#20053(81.80.147.196)
;; WHEN: Wed Oct 15 08:29:03 2003
;; MSG SIZE  rcvd: 110


> BTW, when you want to list both sendmeoffers.com and *.sendmeoffers.com,
> use ..sendmeoffers.com (two leading dots).  sendmeoffers.com matches
> this domain only, not any subdomain, and .sendmeoffers.com does not
> match sendmeoffers.com itself.  ..sendmeoffers.com is a shortcut for
> two lines:
>   .sendmeoffers.com ..
>   sendmeoffers.com  ..

Ah, I hadn't noticed that, thanks for pointing that out. I am now up 
and running and everything looks fine.

Thanks Michael!