> * Many DNSBL's don't work anymore, and this can easily be tested. > * zen.spamhaus.org doesn't accept queries from 8.8.8.8
The above two are related, you are using an external DNS resolver (a google one in your case) and this is a BAD idea when it comes to a mailserver or spamfilter, see, most/all DNSBLs/URIBLs implement a query-rate-limiting mechanism to avoid DDoS and the like, now if you consider that using 8.8.8.8 a given DNSBL/URIBL will see *your* queries as coming from such an IP (yes !, think about it) it's easy to see how, as soon as a bunch of people starts using the same public resolver, the rate-limiting mechanism will kick in and you'll find that suddenly DNSBL/URIBL queries are failing Bottom line, instead of listening to the clueless drunk idiots suggesting to use public resolvers for an SMTP server/filter queries, do yourself a favour and set up a fully recursive resolver (no forwarders or so, just a plain vanilla resolver using root hints) and point your ASSP to it you'll avoid issues like the above ones AND will experience *faster* (not kidding) replies to your DNS queries; now... I don't know what you're running over (O/S) but in general, UnBound http://www.unbound.net/ is a good choice (stay away from BIND if you can) HTH ------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
