Solved

CentOS:  Setup DNSBL with DNS (named)

Posted on 2014-03-11
8
533 Views
Last Modified: 2014-03-15
Hi All,

I Have a VPS server running CentOS 6.5

Two of my domains a being email spammed, all of the source IP's are listed in DNSBL

Can someone help me configure my DNS server (named) to use DNSBL so it drops requests from these IP's?


Many thanks
0
Comment
Question by:detox1978
  • 3
  • 2
  • 2
8 Comments
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 500 total points
ID: 39920242
Hello,

you can only configure your MTA (eg. postfix) to use DNSBL. Your named (if you have it running on your server) has nothing to do with it (though it may be configured as a forwarder)

Postfix will lookup the entries (IP-addresses) in DNSBL by DNS resolves. It uses the name servers configured in /etc/hosts. The DNSBL will return a return code if you have a match and nothing if the IP is not listed. Please see: http://www.spamhaus.org/zen/
You can test it yourself:
$ dig +short 0.210.73.208.sbl.spamhaus.org
127.0.0.2

Open in new window

This IP is (by whois) part of Oversee.net, which has blacklisted this IP manually by submitting it to spamhaus. The return code tells you it is in the 'Directly added' list.
Another example, if your ISP is operating by the books:
$ dig +short 139.83.64.91.zen.spamhaus.org
127.0.0.11

Open in new window

This is the current IP of my router at home, my ISP (kabeldeutschland.de) has done a good thing by submitting it to spamhaus as
End-user Non-MTA IP addresses set by ISP outbound mail policy

This is practically the same thing postfix would do. If these simple tests result in these return codes, your entries in reject_rbl_client are working.

Kindly continue on your other thread:
http://www.experts-exchange.com/OS/Linux/Q_28383789.html
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39923027
Configure the postifx with DNSBL to avoid further block

TY/SA
0
 
LVL 2

Author Comment

by:detox1978
ID: 39924206
Sorry I didnt relise DNSBL couldnt be used on DNS.  I was struggling to get it setup on postfix, so thought I'd try named in tandem.

I will go back to the postfix thread.

Thanks
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 2

Author Comment

by:detox1978
ID: 39925764
I've requested that this question be deleted for the following reason:

DNSBL cant be setup with named.   So this question isnt needed.
0
 
LVL 13

Expert Comment

by:Daniel Helgenberger
ID: 39925766
Hello detox1978.

IMHO this question should be closed or an accepted rather than deleted, since I consider even a negative ( = it is not possible) an answer, at least it helped you ruling out an approach.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39925776
Agree
0
 
LVL 2

Author Comment

by:detox1978
ID: 39925806
Sure no prob.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question