[rbldnsd] The basics - help

Steve E. Mosher steve at moshtech.com
Wed Feb 14 07:50:56 MSK 2007 

Hi folks,

I just have a couple questions and I am currently trying to pin point if
I'm doing this correctly.

The scenario and setups are as follows.

This is a Gentoo Linux distro.
BIND version 9.4.0
rbldnsd version 0.996
Postfix version 2.3.7

Sample of named.conf ...

Seeting up a forward of each CIDR ip pool based on country.

zone "AE.blocked.rbl" IN {
type forward;
forward first;
forwarders {
127.0.0.1 port 530;
};
};
zone "AF.blocked.rbl" IN {
type forward;
forward first;
forwarders {
127.0.0.1 port 530;
};
};
zone "AG.blocked.rbl" IN {
type forward;
forward first;
forwarders {
127.0.0.1 port 530;
};
};

-----------------------------------------

Sample of RBLDNSD config file ...

OPTIONS="-r/var/lib/rbldns -b 127.0.0.1/530 -p/var/run/rbldnsd.pid \
AE.blocked.rbl:ip4set:AE \
AF.blocked.rbl:ip4set:AF \
AG.blocked.rbl:ip4set:AG \
AI.blocked.rbl:ip4set:AI \
AL.blocked.rbl:ip4set:AL \
AM.blocked.rbl:ip4set:AM \

Based on country ....

Sample of the files needed with CIDR format ip pools.

:127.0.0.2:AD. $ is BLOCKED from this MAILSERVER
85.94.160.0/19
194.158.64.0/19

-----------------------------------------


Sample of main.cf for postfix.

smtpd_recipient_restrictions =
        check_recipient_access hash:/etc/postfix/filtered_domains,
        permit_mynetworks,
        reject_rbl_client AE.blocked.rbl,
        reject_rbl_client AF.blocked.rbl,
        reject_rbl_client AG.blocked.rbl,
        reject_rbl_client AI.blocked.rbl,
        reject_rbl_client AL.blocked.rbl,
        reject_rbl_client AM.blocked.rbl,
        reject_rbl_client AN.blocked.rbl,
        reject_rbl_client AO.blocked.rbl,
        .................


-----------------------------------------


I'm just trying to figure out if I'm getting this down right or not.

I seem to have issues with (I think) not picking up some of the country
like per say the UK codes.  They are still getting thru.  I'm just
trying to get a grasp on if my approach is correct.  Any advice would be
greatly appreciated.  If anyone needs more info I can provide that.

Thanks folks.

--Mosher

More information about the rbldnsd mailing list