[rbldnsd] stand alone rbldnsd server, no bind
Scot W
scot_a_w at yahoo.com
Tue Sep 14 16:45:34 MSD 2004
EUREKA ! ! !

Your comments about the mail client mangling lines and
your previous comment about wintel vs unix <cr> proved
to be the answer.

I actually would have had rbldnsd working sooner if I
would have just trusted my earlier reading of the man
pages and the njabl & cbl directions.

While I was trying numerous combinations of commands
to make rbldnsd run, the real answer was in the zone
file.

Instead of setting up a "proper" mail client I was
just using Yahoo! on the rbldnsd box. My friend sent
me a message from her MS Outlook client with the
abusive addresses listed in the message. I opened the
message in Yahoo! mail and copied the lines into gedit
and thought I was good to go. Your comments helped me
see the light.

In an effort to eliminate all possible points of error
I heeded your concerns about <cr><lf> and went back
into the "blocked" file in gedit, went to the end of
each line and hit <del> then <cr>, re-ran my original
rbldnsd command and presto, no errors.

Here is what I have now:

[root@maps root]# rbldnsd -r/usr/local/etc/rbldnsd -t21600 -c60 -b127.0.0.1/53 maps.nonprofit.local:ip4set:blocked
rbldnsd: listening on 127.0.0.1/53
rbldnsd: ip4set:blocked: 20040913 190453: e32/24/16/8=6221/9545/1227/8
rbldnsd: zones reloaded, time 0.18e/0.0u sec, mem arena=274 free=131 mmap=76 Kb
rbldnsd: rbldnsd version 0.993.1 (29 Jul 2004) started (1 socket(s), 1 zone(s))

Does that look right?
When I dig I get:

[root@maps root]# dig @localhost 3.3.23.12.maps.nonprofit.local

; <<>> DiG 9.2.1 <<>> @localhost 3.3.23.12.maps.nonprofit.local
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56260
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;3.3.23.12.maps.nonprofit.local. IN A

;; ANSWER SECTION:
3.3.23.12.maps.nonprofit.local. 3600 IN A 127.0.0.2

;; Query time: 90 msec
;; SERVER: 127.0.0.1#53(localhost)
;; WHEN: Tue Sep 14 07:37:33 2004
;; MSG SIZE rcvd: 63

Is that what should return? Hope so. If so I thank
you for your assistance. If not I beseech your
continued assistance in shining the light on the error
of my ways.
--- Michael Tokarev <mjt at tls.msk.ru> wrote:
> Scot W wrote:
> > --- Michael Tokarev <mjt at tls.msk.ru> wrote:
> >
> []
> >>First of all, why do you think you (her?) need a box,
> >>or even rbldnsd? If you're using CBL (as you mentioned
> >>below), or DSBL, or whatever, it should be ok to use any
> >>similar blocklist as described, by performing direct
> >>queries to official nameservers, without setting up
> >>your own "caching" rbldnsd.
> >
> > Originally I set her mail server to query spamhaus,
> > several of the sorbs lists and cbl. This was catching
> > most, but several very abusive addresses (Ameritech to
> > name one) were not listed but sending a lot of viruses
> > and spam. I thought rbldnsd would allow her to "fine
> > tune" what got stopped without having to pay for
> > Postini (as we use).
>
> Depending on the MTA, it may be better/simpler/whatever
> to use local block/whitelists for that. You don't
> usually need a nameserver for the task. Most MTAs
> have an ability to enter a list of IP addresses or
> domains or whatever from which you don't want to
> accept mail (or the opposite), and on Win platform,
> that's usually done with a GUI.
> []
> >>>\
> >>> -b127.0.0.1/53 \
> >>> maps.nonprofit.local:ip4set:blocked"
> >>>
> >>>
> >>>File in /usr/local/etc/rbldnsd is named blocked.txt
> >>
> >>"blocked" or "blocked.txt" ? ;)
> >
> > File is named "blocked.txt". Went with that naming
> > convention since the file rsynced from cbl is
> > list.txt. Did not know what the last entry should be.
>
> It's the file name, exactly. If you put your data into
> "blocked.txt", specify "blocked.txt" in rbldnsd command
> line. If the file is named "blocked", specify "blocked"
> in command line. Simple as that. I just noted you're
> inconsistent in your examples.
>
> []
> >>>rbldnsd: file blocked.txt(2): invalid or unrecognized special entry
> >>
> >>Hmm. what's the *exact* content of line #2?
> >
> > Copied and pasted Lines 1-10:
> > :127.0.0.2:BLOCKED for E-Mail abuse. See Open RBL
> or
> > SenderBase to see what RBLs have your IP listed.
> >
> > #$TTL 3600
> >
> > 12.0.0.0-12.23.3.3
> >
> > 12.23.3.5-12.32.152.19
> >
> > 12.25.164.64-12.25.164.127
> >
> > 12.32.152.21-12.36.12.38
> >
> > 12.32.43.128-12.32.43.255
> >
> > 12.36.12.40-12.39.3.209
> >
> > 12.39.3.211-12.96.247.24
> >
> > 12.96.247.40-12.144.148.53
>
> Oh-uh. That's difficult to see where's the problem
> here - your mail client somehow garbles the content
> (and forces too short lines by word-wrapping), and
> as you see, there's extra empty line after each real
> line in the data. So I suspect there are <cr>s out
> there, aka DOS (or Win) line-terminators. Somehow
> I haven't thought about such a possibility before, --
> to make rbldnsd recognize these line terminators as
> well as traditional unix one, -- and no one come
> across this problem before too.
>
> []
> > Guess I don't know. What does gedit put in?
>
> I never used and even seen gedit, sorry. Can
> you edit other config files with it? Does it
> have some "line terminator" indicator somewhere?
> I dunno. For example, vim displays "[dos]" at
> the bottom line if the file's line terminator
> is <cr><lf>.
>
> []
>
> But before going further, I still suggest you to
> think whether you really need a nameserver, and
> don't have any more easy way to accomplish the
> task.
>
> Note also that whomever will manage the list
> will need to add/remove entries to/from it
> somehow, so your friend will need to have
> account on the box or you will have to
> create some webinterface...
>
> /mjt
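
Added example, not part of the original thread and not rbldnsd's own code: a pre-flight check for the <cr><lf> problem discussed above, run on a zone file before it is handed to rbldnsd. The sample bytes are constructed from the zone lines quoted in the thread (first line shortened); the range parser is a simplified stand-in that handles only "first-last" entries, and all function names are hypothetical.

```python
import ipaddress

# Constructed sample: zone-file lines quoted in the thread, saved with
# DOS <cr><lf> terminators as they arrived via the mail client.
SAMPLE = (b":127.0.0.2:BLOCKED for E-Mail abuse.\r\n"
          b"#$TTL 3600\r\n"
          b"12.0.0.0-12.23.3.3\r\n"
          b"12.23.3.5-12.32.152.19\r\n")

def find_cr_lines(data):
    """Return 1-based numbers of lines that still contain a carriage return."""
    return [n for n, line in enumerate(data.split(b"\n"), 1) if b"\r" in line]

def normalize(data):
    """Convert <cr><lf> and bare <cr> terminators to a single <lf>."""
    return data.replace(b"\r\n", b"\n").replace(b"\r", b"\n")

def parse_ranges(data):
    """Parse 'first-last' IPv4 range lines; skip blanks, comments and
    ':' / '$' special lines. A stray <cr> makes the address invalid and
    raises ValueError (assumption: a strict parser, not rbldnsd itself)."""
    ranges = []
    for raw in data.decode("ascii").split("\n"):
        if not raw or raw[0] in "#:$":
            continue
        first, last = raw.split("-")
        ranges.append((ipaddress.IPv4Address(first),
                       ipaddress.IPv4Address(last)))
    return ranges

def is_listed(ip, ranges):
    """True if ip falls inside any parsed range (inclusive)."""
    addr = ipaddress.IPv4Address(ip)
    return any(lo <= addr <= hi for lo, hi in ranges)

def query_name(ip, zone):
    """DNSBL query name: octets reversed, followed by the zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

if __name__ == "__main__":
    print("lines with <cr>:", find_cr_lines(SAMPLE))
    ranges = parse_ranges(normalize(SAMPLE))
    for ip in ("12.23.3.3", "12.23.3.4"):
        state = "listed" if is_listed(ip, ranges) else "not listed"
        print(query_name(ip, "maps.nonprofit.local"), state)
```

The first test address produces the same name as the dig query in the message; the second falls in the gap between the first two ranges and should not be listed.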