I've been troubleshooting a system today that is having problems with SA. It appears their DNS servers will not answer NS records, and only NS recoreds. A,MX,CNAME,SOA,PTR all work fine (strangest thing ever)... So when SA starts up, the DNS detection code decides that DNs is not available.
No big deal, I hard coded dns_available yes in local.cf and went on. Come to find out, DNSBL tests never fire either. DCC, Razor and Pyzor are all working okay. But somehow when I pass a url through the system that I know is on a SURBL list, it never fires. Example... [EMAIL PROTECTED] root]# echo -e "From: dallase\n\nhttp://platinummed.biz\n"; | spamc X-Spam-Report: * -3.3 ALL_TRUSTED Did not pass through any untrusted hosts * 0.1 MISSING_HEADERS Missing To: header * 2.3 BIZ_TLD URI: Contains an URL in the BIZ top-level domain * 3.2 DOMAIN_RATIO BODY: Message body mentions many internet domains * 0.4 BAYES_60 BODY: Bayesian spam probability is 60 to 80% * [score: 0.6428] * 1.2 MISSING_SUBJECT Missing Subject: header * 0.0 AWL AWL: From: address is in the auto white-list Same thing ran on any other box produces many surbl hits.. So I debugged it out a ways, and I saw the line I added in the ns lookup code, 'Lookup NS record for domain platinummed.biz'... Why is the NS record for this domain being looked up at all?? All that is needed here is a lookup for the TXT record of platinummed.biz.multi.surbl.org right?? Anyhow, as soon as it looks up the NS record, it cause the query to fail because no NSs get returned due to the DNS problems they have answering NS records. @4000000041a2551e2301b544 debug: uridnsbl: domains to query: platinummed.biz @4000000041a2551e2304a344 debug: generic: lookup DNSBL item platinummed.biz.multi.surbl.org. qtype A @4000000041a2551e232156ec debug: generic: ent->sock is IO::Socket::INET=GLOB(0x8d6fcb8) of type DNSBL @4000000041a2551e2326c974 debug: generic: Lookup NS record for domain platinummed.biz @4000000041a2551e233f3b44 debug: generic: ent->sock is IO::Socket::INET=GLOB(0x8b2b38c) of type NS @4000000041a2551e234c8d6c debug: dns: is Net::DNS::Resolver available? Yes @4000000041a2551e234decfc debug: dns: Net::DNS version: 0.44 @4000000041a2551e3998e55c debug: URIBL: check rule name URIBL_SC_SURBL for IO::Socket::INET=GLOB(0x8d6fcb8) @4000000041a2551e3998f114 debug: generic: URIBLDNS answer size is -1 @4000000041a2551e3998f8e4 debug: uridnsbl: query for platinummed.biz took 0 seconds to look up (multi.surbl.org.:platinummed.biz) @4000000041a2551e39990884 debug: generic: running NS lookup for platinummed.biz @4000000041a2551e39991054 debug: uridnsbl: queries completed: 2 started: 0 @4000000041a2551e3999c7ec debug: uridnsbl: queries active: at Mon Nov 22 15:07:32 2004 I didn't want to file a bug report yet because I'm not sure if it's a bug, or just rearing its head because they have a jacked up DNS setup. However, I do agree that on SURBL lookups, only A/TXT records should be needed, not NS. Can anyone clarify? Thanks, Dallas
