[rbldnsd] I HATE BIND - please help

Chris. cth at fastmail.ca
Fri Mar 7 03:25:49 MSK 2008


On Thu, 6 Mar 2008 23:42:53 +0000 (UTC), Chris. wrote...

> On Thu, 6 Mar 2008 22:38:54 +0000 (UTC), Chris. wrote...
> 
>> On Thu, 06 Mar 2008 20:33:14 +0300, Michael Tokarev wrote...
>> 
>>> [snip all]
>> 
>> LOL
>> 
>>> 
>>> Ok.  I tried to read this thread - it turned out to be VERY difficult
>>> as you all did an "excellent" job with quoting so it's nearly
>>> impossible to find the actual content in every new message.
>> 
>> No comment.
>> 
>>> Ok.
>>> 
>>> So far, I can only understand that no matter how rbldnsd is
>>> configured, it always "REFUSE"s every query out there.
>> 
>> Correct.
>> 
>>> 
>>> So from now, I suggest to do the following.
>>> 
>>> Start from scratch.  Using VERY VERY SIMPLE configuration, like
>>> this:
>>> 
>>> rbldnsd -b 00.000.0000.00000/1053 -l +log bl.test:ip4set:test
>> 
>> I hate to sound "pedantic" but as I understood your intention,
>> I used: rbldnsd -b 00.000.0000.000/1053 -l +log bl.test:ip4set:test
>> 
>>> 
>>> -- literally, bl.test - this fake name will not reveal your
>>> real domain you're hiding so carefully - only use the real
>>> IP address.
>>> 
>>> In file "test", create only single line:
>>> 
>>> 127.0.0.2   hello here
>> 
>> Did it.
>> 
>>> 
>>> now, after starting rbldnsd, query it
>>> (forget about bind for now).
>>> 
>>> dig -p1050 2.0.0.127.bl.test @00.000.0000.000000
>> 
>> Again; being pedantic:
>> dig -p1053 2.0.0.127.bl.test @00.000.0000.000
>> 
>> Reveals:
>> ; <<>> DiG 9.4.2 <<>> -p1053 2.0.0.127.bl.test @00.000.000.000
>> ;; global options:  printcmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26434
>> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>> ;; WARNING: recursion requested but not available
>> 
>> ;; QUESTION SECTION:
>> ;2.0.0.127.bl.test.             IN      A
>> 
>> ;; ANSWER SECTION:
>> 2.0.0.127.bl.test.      2100    IN      A       127.0.0.2
>> 
>> ;; Query time: 69 msec
>> ;; SERVER: 00.000.000.000#1053(00.000.000.000)
>> ;; WHEN: Thu Mar  6 14:24:12 2008
>> ;; MSG SIZE  rcvd: 51
>> 
>> --- note the NOERROR above. :)
>> 
>> and sending:
>> dig -p1053 2.0.0.127.bl.test @00.000.000.000 -t txt
>> 
>> reveals:
>> ; <<>> DiG 9.4.2 <<>> -p1053 2.0.0.127.bl.test @00.000.000.000 -t txt
>> ;; global options:  printcmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43314
>> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>> ;; WARNING: recursion requested but not available
>> 
>> ;; QUESTION SECTION:
>> ;2.0.0.127.bl.test.             IN      TXT
>> 
>> ;; ANSWER SECTION:
>> 2.0.0.127.bl.test.      2100    IN      TXT     "hello there"
>> 
>> ;; Query time: 1 msec
>> ;; SERVER: 00.000.000.000#1053(00.000.000.000)
>> ;; WHEN: Thu Mar  6 14:29:42 2008
>> ;; MSG SIZE  rcvd: 59
>> 
>> --note the NOERROR+"hello there" above. :))
>> 
>>> 
>>> (please use real syntax, - you're good at this stuff).
>>> 
>>> At this point, dig should return the test entry, and
>>> rbldnsd should log the successful query.
>> 
>> Yes, as you can see; it did.
>> 
>>> 
>>> If it will log REFUSED, or anything else for that matter --
>>> well, There Is No Magic. - I'd say check your sources,
>>> compilation options, fire up gdb etc - it's some local
>>> problem.
>>> 
>>> Please do the very simple steps outlined above.  It should
>>> be simple enough to follow.
>> 
>> As you can see; you were (of course) correct.
>> I don't know if it's worth noting, but probably is;
>> the BIND was /not/ running while I performed all this.
>> 
>> Anyway, difficult to say where /exactly/ I should go from
>> here. But the output above looks promising.
> 
> OK. This just in...
> I changed bl.text to my actual FQDN - blackhole.nospammers.com,
> reused the test zone, fired up the RBLDNSD, sent a query
> against 2.0.0.127.blackhole.nospammers.com.
> 
> Answer: NOERROR.
> 
> NEXT, I loaded up my original ip4tset zone and re-performed
> all the steps, and queries again.
> 
> BINGO! - NOERROR.
> 
> Conclusion; there is one notable difference I believe worth
> mentioning between your /suggested/ commandline; the /lack/
> of defining the PID file. I conclude that the RBLDNSD was
> unable to properly communicate on its socket because the
> PID file was out of its reach - /var/run/rbldnsd.pid
> working dir: /usr/local/etc/rbldnsd/

My conclusion was wrong!
Fact is: .COM != .com
Meaning: the RBLDNSD appears to always use lowercase. Even
though the config/zone claimed .COM; the BIND claimed .COM;
the RBLDNSD speaks on .com - /not/ .COM. I read an RFC on
this very subject, but can't recall the number. Anyway,
best practice with the RBLDNSD; use lowercase.

Having changed the startup command to use:
blackhole.nospammers.com fixes the whole mess. Everything
works as expected/desired. :)
Let that be a lesson to others, and maybe an additional
entry into the RBLDNSD man page - ALWAYS USE lowerCASE - ALWAYS.

--Chris H
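
An added example, not part of the original post and not rbldnsd's own code: a POSIX shell helper that lowercases only the zone-name part of a `zone:type:file` argument, as used on the command lines in this thread, before it is handed to rbldnsd. The function names and the uppercase spelling of the zone are constructed for illustration.

```sh
#!/bin/sh
# Added example (constructed): lowercase only the zone name of an rbldnsd
# zone spec. The dataset type and file path are left alone because file
# names are case-sensitive on most Unix file systems.

to_lower() {
    printf '%s' "$1" | LC_ALL=C tr '[:upper:]' '[:lower:]'
}

# normalize_zonespec "Zone:type:file" -> prints "zone:type:file"
normalize_zonespec() {
    case $1 in
        *:*:*) ;;
        *) echo "not a zone:type:file spec: $1" >&2; return 1 ;;
    esac
    # ${1%%:*} is the zone name, ${1#*:} is "type:file" (kept verbatim)
    printf '%s:%s\n' "$(to_lower "${1%%:*}")" "${1#*:}"
}

# same_dns_name A B -> exit status 0 if equal ignoring ASCII case and a
# single trailing dot (DNS name comparison is case-insensitive).
same_dns_name() {
    [ "$(to_lower "${1%.}")" = "$(to_lower "${2%.}")" ]
}

# Demo with a constructed uppercase spelling of the zone from the post.
spec='blackhole.nospammers.COM:ip4set:test'
fixed=$(normalize_zonespec "$spec")
if [ "$fixed" != "$spec" ]; then
    echo "zone name rewritten: $spec -> $fixed" >&2
fi
echo "$fixed"
```

Running the zone arguments through `normalize_zonespec` in a startup script keeps the daemon's zone name in the form that worked in the post, whatever case the operator typed.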

> 
> Given that everything is now working as expected. I'm
> going to make a var/run/ tree in the RBLDNSD's working
> directory, and continue to use my earlier commandline
> to startup the RBLDNSD. Unless that should fail, I think
> we can consider this a "wrap". :)
> 
> Thank you (and everyone else) again for all your time and
> consideration in this matter.
> 
> --Chris H
> 
>> 
>> Thank you very much for all your time and consideration.
>> 
>> --Chris H
>> 
>>> 
>>> /mjt
>>> _______________________________________________
>>> rbldnsd mailing list
>>> rbldnsd at corpit.ru
>>> http://www.corpit.ru/mailman/listinfo/rbldnsd