Hmmm, I wish I could explain how...<br>
Here's my test for <a href="http://195.2.96.244">195.2.96.244</a>:<br>
=========================================================<br>
[root@squirrel rbldns]# dig @localhost 244.96.2.195.countries.blocked.rbl a<br>
<br>
; <<>> DiG 9.2.4 <<>> @localhost 244.96.2.195.countries.blocked.rbl a<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46726<br>
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0<br>
<br>
;; QUESTION SECTION:<br>
;244.96.2.195.countries.blocked.rbl. IN A<br>
<br>
;; ANSWER SECTION:<br>
244.96.2.195.countries.blocked.rbl. 2100 IN A <a href="http://127.4.2.8">127.4.2.8</a><br>
<br>
;; AUTHORITY SECTION:<br>
countries.blocked.rbl. 3000
IN NS
<a href="http://dspam.XXXXXX.ca">dspam.XXXXXX.ca</a>.<br>
<br>
;; Query time: 1 msec<br>
;; SERVER: 127.0.0.1#53(localhost)<br>
;; WHEN: Fri Oct 7 14:11:15 2005<br>
;; MSG SIZE rcvd: 97<br>
=========================================================<br>
as well as<br>
[root@squirrel rbldns]# dig @localhost 244.96.2.195.lv.countries.blocked.rbl a<br>
<br>
; <<>> DiG 9.2.4 <<>> @localhost 244.96.2.195.lv.countries.blocked.rbl a<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8744<br>
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0<br>
<br>
;; QUESTION SECTION:<br>
;244.96.2.195.lv.countries.blocked.rbl. IN A<br>
<br>
;; ANSWER SECTION:<br>
244.96.2.195.lv.countries.blocked.rbl. 2100 IN A <a href="http://127.4.2.8">127.4.2.8</a><br>
<br>
;; AUTHORITY SECTION:<br>
countries.blocked.rbl. 3000
IN NS
<a href="http://dspam.XXXXXXX.ca">dspam.XXXXXXX.ca</a>.<br>
<br>
;; Query time: 1 msec<br>
;; SERVER: 127.0.0.1#53(localhost)<br>
;; WHEN: Fri Oct 7 14:15:50 2005<br>
;; MSG SIZE rcvd: 100<br>
=========================================================<br>
however <br>
[root@squirrel rbldns]# dig @localhost 244.96.2.195.ca.countries.blocked.rbl a<br>
<br>
; <<>> DiG 9.2.4 <<>> @localhost 244.96.2.195.ca.countries.blocked.rbl a<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10010<br>
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0<br>
<br>
;; QUESTION SECTION:<br>
;244.96.2.195.ca.countries.blocked.rbl. IN A<br>
<br>
;; AUTHORITY SECTION:<br>
countries.blocked.rbl. 300
IN SOA
<a href="http://dspam.XXXXXXX.ca">dspam.XXXXXXX.ca</a>. <a href="http://hostmaster.dspam.XXXXXXX.ca">hostmaster.dspam.XXXXXXX.ca</a>. 1128631361 600 300 86400
300<br>
<br>
;; Query time: 1 msec<br>
;; SERVER: 127.0.0.1#53(localhost)<br>
;; WHEN: Fri Oct 7 14:17:44 2005<br>
;; MSG SIZE rcvd: 117<br>
=========================================================<br>[root@squirrel rbldns]# cat logfile<br>
1128715849 <a href="http://127.0.0.1">127.0.0.1</a> 244.96.2.195.countries.blocked.rbl A IN: NOERROR/1/97<br>
1128715875 <a href="http://127.0.0.1">127.0.0.1</a> 244.96.2.195.countries.blocked.rbl A IN: NOERROR/1/97<br>
1128716150 <a href="http://127.0.0.1">127.0.0.1</a> 244.96.2.195.lv.countries.blocked.rbl A IN: NOERROR/1/100<br>
1128716264 <a href="http://127.0.0.1">127.0.0.1</a> 244.96.2.195.ca.countries.blocked.rbl A IN: NXDOMAIN/0/117<br>
<br>
Again,<br>
[root@squirrel rbldns]# tail -3 /etc/sysconfig/rbldnsd<br>
RBLDNSD="- -r/var/lib/rbldns -b127.0.0.1 -l +logfile \<br>
countries.blocked.rbl:combined:meta,countries.rbl \<br>
"<br>
and<br>
[root@squirrel rbldns]# cat meta<br>
$NS 3000 <a href="http://dspam.XXXXXXX.ca">dspam.XXXXXXX.ca</a> <a href="http://dspam.XXXXXXXX.ca">dspam.XXXXXXXX.ca</a><br>
<br>
<br>
<br><div><span class="gmail_quote">On 10/7/05, <b class="gmail_sendername">Michael Tokarev</b> <<a href="mailto:mjt@tls.msk.ru">mjt@tls.msk.ru</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Vlad Z wrote:<br>> Michael,<br>> thank you for your suggestions, my rbldnsd works fine now, effectively<br>> blacklisting the entire world.<br><br>Care to explain how?<br>The file, <a href="http://blackholes.us/zones/countries/countries.rbl">
http://blackholes.us/zones/countries/countries.rbl</a>, lists<br>each country in a separate subzone named after the TLD of that country.<br>So you either removed all the subzone definitions from it, placing<br>all ranges into the same level, or specified all subzones in turn
<br>in your MTA configuration, or there's some bug somewhere.<br><br>> My next challenge is to exclude US and Canada from the list. Is there a<br>> way to avoid manual editing of countries.rbl and somehow override the
<br>> configuration, excluding 2 zones from the file?<br><br>It depends on the answer to the above question.<br><br>/mjt<br>_______________________________________________<br>rbldnsd mailing list<br><a href="mailto:rbldnsd@corpit.ru">
rbldnsd@corpit.ru</a><br><a href="http://www.corpit.ru/mailman/listinfo/rbldnsd">http://www.corpit.ru/mailman/listinfo/rbldnsd</a><br></blockquote></div><br>