[rbldnsd] IPs not getting filtered ??
Sebastiaan Tigchelaar
sebastiaan.tigchelaar at src.nl
Mon Sep 26 23:43:24 MSD 2005
>> 222.183.73.197 CHINA 222.176-183
>>
>>> From the China datafile:
>>
>> :127.0.0.2:Uh oh, an RBL said that $ is from an unwanted user/ISP/area.
>> <..>
>> 222.160-163
>> 222.176-183 <==
<..>
> So, what does
>
> host 197.73.183.222.your.zone.name
>
> say?
Thats the weird thing, DIG gives the expected results.
I tried it immediately after I found the 'offending' IP ~_^
[root at w3 root]# dig 197.73.183.222.ips.blocked.rbl
; <<>> DiG 9.2.2 <<>> 197.73.183.222.ips.blocked.rbl
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5398
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;197.73.183.222.ips.blocked.rbl. IN A
;; ANSWER SECTION:
197.73.183.222.ips.blocked.rbl. 604800 IN A 127.0.0.2
;; AUTHORITY SECTION:
ips.blocked.rbl. 604800 IN NS create.my.own.rbl.
;; Query time: 4 msec
;; SERVER: 10.2.1.101#53(10.2.1.101)
;; WHEN: Mon Sep 26 21:25:55 2005
;; MSG SIZE rcvd: 92
I will keep an eye out for the other IPs that might happen.
>> I also tried to enable logging, but no luck so far yet.
>
> No luck in what? You can't enable logging? Are you sure
> your mailserver do query your nameserver?
I tested the RBL first with a block on my own mailserver and that worked.
I found the -l option with manual.
-l +/var/lib/rbldns/log/rbl-log
/var/lib/rbldns/log is the folder
rbl-log is the file
I used + to see what logging would show for the IPs that get thru, but the
file isn't getting filled.
Sebastiaan
More information about the rbldnsd
mailing list