Hi all, We are using SA 3.2.1 and have serious problems with the dnsbl server used in 72_active.cf. Server dob.sibl.support-intelligence.net generates timeouts, so average spam processing time drop to 5 second on quite fast servers!
Here is the output of spamd -D [12412] dbg: dns: success for 15 of 17 queries [12412] dbg: dns: timeout for dob after 3 seconds [12412] dbg: dns: timeout for dob after 3 seconds All other dnsbl tests succeeds. A manual DNS query to my ISPs NS give me a SERVFAIL: ; <<>> DiG 9.3.4 <<>> @ns1.sil.at -t A test.dob.sibl.support-intelligence.net ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31228 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;test.dob.sibl.support-intelligence.net. IN A ;; Query time: 5 msec ;; SERVER: 213.129.232.1#53(213.129.232.1) ;; WHEN: Thu Jun 28 14:56:13 2007 ;; MSG SIZE rcvd: 56 We always use internal DNS caches (bind9, MS DNS server), and those internal servers retries the query until they reach there timeout. So we run into a timeout as soon as we use the internal servers. If i query at opendns.org I get an answer after 6 second - which is ways to slow. > time dig @208.67.222.222 -t A test.dob.sibl.support-intelligence.net ; <<>> DiG 9.3.4 <<>> @208.67.222.222 -t A test.dob.sibl.support-intelligence.net ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61412 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;test.dob.sibl.support-intelligence.net. IN A ;; ANSWER SECTION: test.dob.sibl.support-intelligence.net. 0 IN A 208.69.32.132 ;; Query time: 1025 msec ;; SERVER: 208.67.222.222#53(208.67.222.222) ;; WHEN: Thu Jun 28 15:05:57 2007 ;; MSG SIZE rcvd: 72 real 0m6.042s user 0m0.000s sys 0m0.000s Anyone else have problem with dob.sibl.support-intelligence.net? - Dietmar
