Re: [mailop] zen.spamhaus.org

Wed, 07 Feb 2024 07:37:47 -0800 

On Wed, Feb 7, 2024 at 6:05 PM Mark Milhollan <[email protected]>
wrote:

> On Tue, 6 Feb 2024, Odhiambo Washington wrote:
> >On Wed, Feb 7, 2024 at 12:53 AM Mark Milhollan <
> [email protected]> wrote:
> >>On Tue, 6 Feb 2024, Odhiambo Washington wrote:
>
> >>>Today morning I woke up to all emails being rejected as I was using
> >>>zen.spamhaus.org in my dnslists.
>
> >>Are you using your own resolver (like BIND, Knot Resolver, or Unbound)
> >>rather than a public resolver (like Cloudflare, Google, or Quad9)?
>
> >I have my local instance of unbound resolver.
>
> I should have mentioned that it must not use a forwarder, it must
> query Spamhaus directly.


Right. I don't use any forwarders.


> What results do you obtain if you query for 127.0.0.1, e.g., ''dig
> 1.0.0.127.zen.spamhaus.org''?  If the result is that there are no

records (NXDOMAIN) then the problem isn't use of an open resolver.  But if
> the result is 127.255.255.254 then you are using
> an open resolver and you must find a way to stop doing so -- if you
> must use a forwarder then be sure to specify that for zen.spamhaus.org it
> should not.


wash@gw:~$ dig 1.0.0.127.zen.spamhaus.org

; <<>> DiG 9.18.3 <<>> 1.0.0.127.zen.spamhaus.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22423
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;1.0.0.127.zen.spamhaus.org.    IN      A

;; AUTHORITY SECTION:
zen.spamhaus.org.       3100    IN      SOA     need.to.know.only.
hostmaster.spamhaus.org. 2402071511 3600 600 432000 10

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Wed Feb 07 18:21:44 EAT 2024
;; MSG SIZE  rcvd: 119


> Otherwise you need to stop using Spamhaus -- even if you sign-up, perhaps
> because of the query volume, you still must query them
> directly not via a public resolver.
>

My server is a low-volume sender.

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
 In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]

_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop

Reply via email to