[rbldnsd] I HATE BIND - please help
Chris.
cth at fastmail.ca
Fri Feb 29 23:42:23 MSK 2008
On Fri, 29 Feb 2008 09:03:58 -0600, Lyle Giese wrote...
Hello, and thank you for your reply.
> What you have for information in your zone files is immaterial to what
> addresses/ports named or rbldnsd bind to. The reference to 127.0.0.2
> above is in reference to the answer (content of the zone files) rbldnsd
> will give back when queried and nothing to do with what address/port
> rbldnsd is listening to. The term 'bind' as a verb references the
> ability of a process to attach itself to an ip address/port
> combination. I think part of the problem here is the terminology used
> here. You may be stating your question in a manner that is confusing
> as to what your issue is.
>
> When you use the -b command line parameter, that binds rbldnsd to an ip
> address/port combination and has nothing to do with the data it answers
> for (contents of its zone files). For my inhouse use, I have a zone
> defined as rbl.lcrcomputer.com and put an ns record in BIND/named's
> zone files. So my queries for my blacklist would be of the form:
>
> dig 2.0.0.127.rbl.lcrcomputer.com
>
> or to ask about 209.172.152.2
>
> dig 2.152.172.209.rbl.lcrcomputer.com
>
> and in my lcrcomputer.com zone file in Bind/named, I have:
>
> rbl.lcrcomputer.com. in ns ns1.lcrcomputer.net
>
> And in my lcrcomputer.net zone:
>
> ns1.lcrcomputer.net in a 209.172.152.4
>
> And no it's not accessible via the Internet, it's an internal only
> service.
>
> If 209.172.152.2 is listed in my rbl zone, rbldnsd gives back the
> answer in the form of an A record giving 127.0.0.1 (or .2 for your
> zone). If that ip is not listed in your rbl zone, rbldnsd gives back a
> not found answer.
>
>
> Lyle
For the sake of clarity of my use of terminology; I used the term
bind in reference to the context it was used in as a reply to one
of my earlier posts. RBLDNSD does need to bind to 127.0.0.2, and
127.0.0.3 long enough to answer requests, as those are the addresses
defined in its zone files. But enough on that. :)
As to the rest of your informative response; Yes, I understand.
It is the same for me, except my address (as RBLDNSD is bound to)
are Internet routable, and visible to the internet.
Performing:
# dig @my.internet.routable.IP blackhole.nospammers.NET
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
As does:
# dig @my.internet.routable.IP 2.0.0.127.blackhole.nospammers.NET
or:
# dig @my.internet.routable.IP 3.0.0.127.blackhole.nospammers.NET
or:
# dig @my.internet.routable.IP 209.172.152.4 4.152.172.209.blackhole.nospammers.NET
or:
# dig @my.internet.routable.IP 209.172.152.4.blackhole.nospammers.NET
The RBLDNSD logs all return:
1204196617 111.222.333.444 999.888.777.666.blackhole.nospammers.COM A IN: REFUSED/0/61
or:
1204196617 111.222.333.444 999.888.777.666.blackhole.nospammers.COM TXT IN: REFUSED/0/61
depending on what my query was ( in TXT, or in A).
Thank you again for taking the time to respond.
--Chris H
FWIW your mail reader largely corrupts the replies, requiring me to strip the message
to my editor, so that I can reformat it and paste it into my mail reader to respond.
It appears that it must be an HTML email writer that you use.
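
Added example, not part of the original message or of rbldnsd: a Python sketch of the reversed-octet query form described in the quoted reply, with a triage pass over log lines in the layout quoted above that reports which zone and address each logged query name actually refers to. The log field layout is inferred from the two lines in the post, and the zone `bl.example.net` and the sample log lines are constructed for illustration.

```python
import ipaddress
import re

# Layout inferred from the log lines quoted in the post (an assumption):
# <epoch> <client> <qname> <qtype> <qclass>: <rcode>/<number>/<number>
LOG_RE = re.compile(r"^(\d+) (\S+) (\S+) (\S+) (\S+): ([A-Z]+)/(\d+)/(\d+)$")

def dnsbl_qname(ip, zone):
    """Name to look up for an IPv4 address: octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".").lower()

def classify_qname(qname, zone):
    """Say what a query name means relative to the zone the server holds."""
    name, zone = qname.rstrip(".").lower(), zone.strip(".").lower()
    if name == zone:
        return "zone apex"
    if not name.endswith("." + zone):
        return "outside zone"
    labels = name[: -len(zone) - 1].split(".")
    try:
        # Un-reversing the labels gives the address the name really asks about.
        return "lookup for " + str(ipaddress.IPv4Address(".".join(reversed(labels))))
    except ValueError:
        return "not a reversed IPv4 address"

def triage(lines, zone):
    """Return (qname, rcode, verdict) for each line that matches the layout."""
    rows = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if m:
            rows.append((m.group(3), m.group(6), classify_qname(m.group(3), zone)))
    return rows

# Constructed sample log lines (documentation addresses, hypothetical zone).
SAMPLE_LOG = [
    "1204196617 192.0.2.10 2.0.0.127.bl.example.net A IN: NOERROR/1/60",
    "1204196618 192.0.2.10 4.2.0.192.bl.example.com A IN: REFUSED/0/44",
    "1204196619 192.0.2.10 192.0.2.4.bl.example.net TXT IN: NXDOMAIN/0/44",
]

if __name__ == "__main__":
    print(dnsbl_qname("209.172.152.2", "rbl.lcrcomputer.com"))
    for row in triage(SAMPLE_LOG, "bl.example.net"):
        print(row)
```

The third sample line shows that an address written in forward order is still a syntactically valid query name, but it asks about a different address (4.2.0.192) than the one intended.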