I've recently moved my ASSPv2 instance to a new machine and I noticed that lookups for URIBL and DNSBL were succeeding on IP's that I knew were blacklisted. So I fired up the BIND query logging and I saw the following:
... client 127.0.0.1#55799 (30.41.95.209.zen.spamhaus.org): query: 30.41.95.209.zen.spamhaus.org IN A - (127.0.0.1) client 127.0.0.1#8799 (sourceforge.net): query: sourceforge.net IN A + (127.0.0.1) ... Most of the queries (senderbase.org, sourceforge.net, tests for MX/SPF/DMARC/PTR records, etc.) were requesting recursion with the RD bit (the plus sign at the end). However, queries for URIBL and DNSBL were not (the minus sign at the end) - relying on my DNS's cache. My DNS server being the recursive server that it grew up to be could not give the correct DNS results when using only its cache - rather it gave completely empty results. After I run a query with the recursive bit set, like the following: dig A 30.41.95.208.zen.spamhaus.org ASSP did pick up the records correctly. I honestly don't know very much about DNS - should ASSP be setting the recursive flag? Regards, Mark ------------------------------------------------------------------------------ _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
