?
Solved

CentOS:  Setup DNSBL with DNS (named)

Posted on 2014-03-11
8
Medium Priority
?
563 Views
Last Modified: 2014-03-15
Hi All,

I Have a VPS server running CentOS 6.5

Two of my domains a being email spammed, all of the source IP's are listed in DNSBL

Can someone help me configure my DNS server (named) to use DNSBL so it drops requests from these IP's?


Many thanks
0
Comment
Question by:detox1978
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
8 Comments
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 2000 total points
ID: 39920242
Hello,

you can only configure your MTA (eg. postfix) to use DNSBL. Your named (if you have it running on your server) has nothing to do with it (though it may be configured as a forwarder)

Postfix will lookup the entries (IP-addresses) in DNSBL by DNS resolves. It uses the name servers configured in /etc/hosts. The DNSBL will return a return code if you have a match and nothing if the IP is not listed. Please see: http://www.spamhaus.org/zen/
You can test it yourself:
$ dig +short 0.210.73.208.sbl.spamhaus.org
127.0.0.2

Open in new window

This IP is (by whois) part of Oversee.net, which has blacklisted this IP manually by submitting it to spamhaus. The return code tells you it is in the 'Directly added' list.
Another example, if your ISP is operating by the books:
$ dig +short 139.83.64.91.zen.spamhaus.org
127.0.0.11

Open in new window

This is the current IP of my router at home, my ISP (kabeldeutschland.de) has done a good thing by submitting it to spamhaus as
End-user Non-MTA IP addresses set by ISP outbound mail policy

This is practically the same thing postfix would do. If these simple tests result in these return codes, your entries in reject_rbl_client are working.

Kindly continue on your other thread:
http://www.experts-exchange.com/OS/Linux/Q_28383789.html
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39923027
Configure the postifx with DNSBL to avoid further block

TY/SA
0
 
LVL 2

Author Comment

by:detox1978
ID: 39924206
Sorry I didnt relise DNSBL couldnt be used on DNS.  I was struggling to get it setup on postfix, so thought I'd try named in tandem.

I will go back to the postfix thread.

Thanks
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Author Comment

by:detox1978
ID: 39925764
I've requested that this question be deleted for the following reason:

DNSBL cant be setup with named.   So this question isnt needed.
0
 
LVL 13

Expert Comment

by:Daniel Helgenberger
ID: 39925766
Hello detox1978.

IMHO this question should be closed or an accepted rather than deleted, since I consider even a negative ( = it is not possible) an answer, at least it helped you ruling out an approach.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39925776
Agree
0
 
LVL 2

Author Comment

by:detox1978
ID: 39925806
Sure no prob.
0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month12 days, 16 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question