On 12/04/2018 15:13, Klaipedaville on Google wrote:
> Hello list,
> I was wondering if anybody could advise please, on the line below that I
> always seem to get in my Bind 9.8.4 logs:
> error (unexpected RCODE SERVFAIL) resolving
> I know what it generally stands for, that is the name server was unable to
> process this query due to a problem with the name server (according to RFC
> 1035, 4.1.1).
> I am using ACL and I white-listed 22.214.171.124. I also white-listed and
> made sure the IP in question is not blocked anywhere else, like iptables and
> so on. However. I also notice that dul.dnsbl.sorbs.net has no A records so I
> think that this may not be the issue. Plus, I also noticed later that IP
> addresses changed regularly (it can be just about any other IP instead of
> where 126.96.36.199 is) so my white-listing was useless.
> I would be really thankful if anybody could assist on the correct setting to
> allow my named (Bind) server to communicate with dul.dnsbl.sorbs.net as all
> the other DNSBLs etc. I use on my server work and resolve well.
> I would appreciate any comments / pointers / help at all.
> Many thanks in advance!
You're going about this all wrong.
dul.dnsbl.sorbs.net will not have an A record, its not how dnsbl's
You placing them in an ACL makes no difference, SORBS is the one who
controls access to their resources, its SORBS server not answering you,
there is nothing you can do about it, though you shouldnt be querying a
particular SORBS NS, just the name itself. you should have no entries
anywhere for SORBS except in your SMTP/WWW_Module configs, like, for
example in postfix:
I wont go into the fact bind 9.8 is so old its unsupported :)
This Email, including any attachments, may contain legally
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written
authority to do so. If you are not the intended recipient, please notify
the sender then delete all copies of this message including attachments,
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message. Only
PDF  and ODF  documents accepted, please do not send proprietary
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list