Solved

CentOS:  Setup DNSBL with DNS (named)

Posted on 2014-03-11
8
524 Views
Last Modified: 2014-03-15
Hi All,

I Have a VPS server running CentOS 6.5

Two of my domains a being email spammed, all of the source IP's are listed in DNSBL

Can someone help me configure my DNS server (named) to use DNSBL so it drops requests from these IP's?


Many thanks
0
Comment
Question by:detox1978
  • 3
  • 2
  • 2
8 Comments
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 500 total points
ID: 39920242
Hello,

you can only configure your MTA (eg. postfix) to use DNSBL. Your named (if you have it running on your server) has nothing to do with it (though it may be configured as a forwarder)

Postfix will lookup the entries (IP-addresses) in DNSBL by DNS resolves. It uses the name servers configured in /etc/hosts. The DNSBL will return a return code if you have a match and nothing if the IP is not listed. Please see: http://www.spamhaus.org/zen/
You can test it yourself:
$ dig +short 0.210.73.208.sbl.spamhaus.org
127.0.0.2

Open in new window

This IP is (by whois) part of Oversee.net, which has blacklisted this IP manually by submitting it to spamhaus. The return code tells you it is in the 'Directly added' list.
Another example, if your ISP is operating by the books:
$ dig +short 139.83.64.91.zen.spamhaus.org
127.0.0.11

Open in new window

This is the current IP of my router at home, my ISP (kabeldeutschland.de) has done a good thing by submitting it to spamhaus as
End-user Non-MTA IP addresses set by ISP outbound mail policy

This is practically the same thing postfix would do. If these simple tests result in these return codes, your entries in reject_rbl_client are working.

Kindly continue on your other thread:
http://www.experts-exchange.com/OS/Linux/Q_28383789.html
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39923027
Configure the postifx with DNSBL to avoid further block

TY/SA
0
 
LVL 2

Author Comment

by:detox1978
ID: 39924206
Sorry I didnt relise DNSBL couldnt be used on DNS.  I was struggling to get it setup on postfix, so thought I'd try named in tandem.

I will go back to the postfix thread.

Thanks
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 2

Author Comment

by:detox1978
ID: 39925764
I've requested that this question be deleted for the following reason:

DNSBL cant be setup with named.   So this question isnt needed.
0
 
LVL 13

Expert Comment

by:Daniel Helgenberger
ID: 39925766
Hello detox1978.

IMHO this question should be closed or an accepted rather than deleted, since I consider even a negative ( = it is not possible) an answer, at least it helped you ruling out an approach.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39925776
Agree
0
 
LVL 2

Author Comment

by:detox1978
ID: 39925806
Sure no prob.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
spf record 8 58
SBS 20011 to Office 365 7 57
DNS A record 4 26
Secondary DNS Server 2008 R2 not kicking in 1 30
I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now