[rbldnsd] Problem...
Matthew Sullivan
matthew at sorbs.net
Fri Feb 20 12:28:45 MSK 2004
Hey all,
Someone just posted an interesting issue with the SORBS DNSbl.... This
probably documented behaviour, but I figured I'd pass it by the list and
see if anyone including Michael has any comments...
We have supplied the zones as just listings until recently when we
picked up the Dynablock and started actively maintaining it in the place
of Ben. However the issue that appeared today -
We have 17740 exceptions listed, and these exceptions are exported into
the DUHL where all works fine......except the DUHL zone is aggregated
into the main zone, so all the exceptions are also aggregated into the
main zone which means anyone excepted from the DUHL is actually excepted
from all listings when using the aggregate zone....
Now I figure I have a few options...
1/ Process out all the exceptions and stop using them
2/ Process out the exceptions at export time and create an extra zone
which is the aggregate zone
3/ Talk to this list and Michael about whether the exceptions can be
limited to apply to their own zone only. (Guess where I am ;-))
Comments/suggestions welcomed.
Example Data:
$DATASET ip4set http @
$SOA 172800 rbldns0.sorbs.net. dns.isux.com. 1077267901 7200 7200
604800 3600
$NS 48h rbldns0.sorbs.net.
:127.0.0.2:HTTP Proxy See: http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=$
$TTL 172800
4.3.216.194
4.17.224.68
4.21.138.56
4.22.136.147
$DATASET ip4set dul @
$SOA 172800 rbldns0.sorbs.net. dns.isux.com. 1077267901 7200 7200
604800 3600
$NS 48h rbldns0.sorbs.net.
:127.0.0.10:Dynamic IP Address See:
http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=$
$TTL 172800
4.2.0.0/15
4.10.0.0/15
4.12.0.0/14
!4.3.216.0/24
!4.3.218.0/24
.....
Using the above data you get the following:
$ host 194.216.3.4.dul.dnsbl.sorbs.net
Host 194.216.3.4.dul.dnsbl.sorbs.net not found: 3(NXDOMAIN)
$ host 194.216.3.4.http.dnsbl.sorbs.net
194.216.3.4.http.dnsbl.sorbs.net has address 127.0.0.2
All fine and good... now the problem:
$ host 194.216.3.4.dnsbl.sorbs.net
Host 194.216.3.4.dnsbl.sorbs.net not found: 3(NXDOMAIN)
I expect and don't get (my fault I presume):
$ host 194.216.3.4.dnsbl.sorbs.net
194.216.3.4.dnsbl.sorbs.net has address 127.0.0.2
Removing the DUHL exception (!4.3.216.0/24) I get:
$ host 194.216.3.4.dnsbl.sorbs.net
194.216.3.4.dnsbl.sorbs.net has address 127.0.0.10
194.216.3.4.dnsbl.sorbs.net has address 127.0.0.2
which is expected.
Suggestions, comments?
/ Mat
More information about the rbldnsd
mailing list