[rbldnsd] starting out with rbldnsd: all is REFUSED
David Landgren
rbldnsd@corpit.ru
Wed, 15 Oct 2003 15:35:09 +0200
Michael Tokarev wrote:
[..]
>> dig -p 20053 @81.80.147.196 2.0.0.127.dnsbl.bpinet.com A
>
>
> The syntax is: base_dn:type:file. Your base_dn seems to be
> dnsbl.bpinet.com, not 127.0.0.2 or 127.0.0.5... ;)
> Sure rbldnsd will refuse to answer to the above question,
> because it knows nothing about dnsbl.bpinet.com, and it is
> not a recursive resolver. Base_dn is what you put in $BASE
> for rbldns. I don't know what did you mean by specifying
> IP addresses here, but the command line should look like:
>
> rbldnsd ... dnsbl.bpinet.com:ip4set:2.data dnsbl.bpinet.com:dnset:5.data
That did the trick.
> []
>
>> One other question, for the record .sendmeoffers.com do I test that
>> with com.sendmeoffers.dnsbl.bpinet.com or
>> sendmeoffers.com.dnsbl.bpinet.com . The documentation isn't clear on
>> the matter (or I can't read documentation, a distinct possibility).
>
>
> Well, domain names always used in the normal form:
> sendmeoffers.com.dnsbl.bpinet.com. Only IP addresses
> will be in reverse.
Well, now that it's working this is of course trivial to determine myself:
% dig -p 20053 @81.80.147.196 foo.sendmeoffers.com.dnsbl.bpinet.com TXT
; <<>> DiG 9.2.2 <<>> -p 20053 @81.80.147.196
foo.sendmeoffers.com.dnsbl.bpinet.com TXT
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1240
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;foo.sendmeoffers.com.dnsbl.bpinet.com. IN TXT
;; ANSWER SECTION:
foo.sendmeoffers.com.dnsbl.bpinet.com. 3600 IN TXT "spamhaus
sendmeoffers.com"
;; AUTHORITY SECTION:
dnsbl.bpinet.com. 3600 IN NS ns.dnsbl.bpinet.com.
;; Query time: 174 msec
;; SERVER: 81.80.147.196#20053(81.80.147.196)
;; WHEN: Wed Oct 15 08:29:03 2003
;; MSG SIZE rcvd: 110
> BTW, when you want to list both sendmeoffers.com and *.sendmeoffers.com,
> use ..sendmeoffers.com (two leading dots). sendmeoffers.com matches
> this domain only, not any subdomain, and .sendmeoffers.com does not
> match sendmeoffers.com itself. ..sendmeoffers.com is a shortcut for
> two lines:
> .sendmeoffers.com ..
> sendmeoffers.com ..
Ah, I hadn't noticed that, thanks for pointing that out. I am now up
and running and everything looks fine.
Thanks Michael!