Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query
Hi Bert, Thanks for the info. > Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] > 102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec I'm travelling and don't have server access, and cannot give the full logs, yet. I guess you are correct & Spamhaus is blocking this. The source IP address has not been used to query DNS for 9 months, so odd they are blocking it now. Limits are not being exceeded because it is a very small email server with an email rate of 200 messages per day. I sent SpamHaus an email asking if they are blocking this. Thanks, Sophie -- On December 29, 2017 11:16:13 AM CET, bert hubertwrote: >On Fri, Dec 29, 2017 at 12:02:13AM +0100, Sophie Loewenthal wrote: >> Hi everyone, > >good morning! > >> I had this message in my logs in a new installation with a new VPS >provider, and wonder if this is them or pdns_resolver blocking, >> Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security >status update for '4.0.4-1+deb9u3.Debian' on >'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', >RCODE = Non-Existent domain > >This is a mistake by us, and we'll rectify it. We should list this >version >as safe or not, apologies. > >> Also, I noticed that spamhaus.org was not resolving, which was quite >strange. All other queries to RNSBLs work e.g spamcop. >> Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] >102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec >> Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] >102.77.50.178.xbl.spamhaus.org: Trying IP 178.209.52.139:53, asking >'102.77.50.178.xbl.spamhaus.org|' >> Dec 28 21:04:38 10 pdns_recursor[2667]: 1 [1225/2] answer to question >'102.77.50.178.xbl.spamhaus.org|': 0 answers, 0 additional, took 4 >packets, 7515.07 ms, 2 throttled, 3 timeouts, 0 tcp connections, >rcode=2 > >This is likely exactly what it says, that 178.209.52.139 is not >listening to >you. Spamhaus is known to limit queries if they exceed a certain rate. > >It looks like you deleted some log lines so we can't really tell what >is >going on. > > Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query
On Fri, Dec 29, 2017 at 12:02:13AM +0100, Sophie Loewenthal wrote: > Hi everyone, good morning! > I had this message in my logs in a new installation with a new VPS provider, > and wonder if this is them or pdns_resolver blocking, > Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security status > update for '4.0.4-1+deb9u3.Debian' on > 'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', RCODE > = Non-Existent domain This is a mistake by us, and we'll rectify it. We should list this version as safe or not, apologies. > Also, I noticed that spamhaus.org was not resolving, which was quite strange. > All other queries to RNSBLs work e.g spamcop. > Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] > 102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec > Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] > 102.77.50.178.xbl.spamhaus.org: Trying IP 178.209.52.139:53, asking > '102.77.50.178.xbl.spamhaus.org|' > Dec 28 21:04:38 10 pdns_recursor[2667]: 1 [1225/2] answer to question > '102.77.50.178.xbl.spamhaus.org|': 0 answers, 0 additional, took 4 > packets, 7515.07 ms, 2 throttled, 3 timeouts, 0 tcp connections, rcode=2 This is likely exactly what it says, that 178.209.52.139 is not listening to you. Spamhaus is known to limit queries if they exceed a certain rate. It looks like you deleted some log lines so we can't really tell what is going on. Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query
On Fri, Dec 29, 2017 at 12:02:13AM +0100, Sophie Loewenthal wrote: > Hi everyone, > > > I had this message in my logs in a new installation with a new VPS provider, > and wonder if this is them or pdns_resolver blocking, > > Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security status > update for '4.0.4-1+deb9u3.Debian' on > 'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', RCODE > = Non-Existent domain > Hi, usually there are no security status for distro packages, as they take care of the packages themselves. AKi ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Could not retrieve security status update / spamhaus.org unable to query
Hi everyone, I had this message in my logs in a new installation with a new VPS provider, and wonder if this is them or pdns_resolver blocking, Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security status update for '4.0.4-1+deb9u3.Debian' on 'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', RCODE = Non-Existent domain So, I ran this ( Someone posted this line last year on the mailing list), # for x in 1 2; do echo "pdns-public-ns${x}.powerdns.com"; dig +short @pdns-public-ns$x.powerdns.com auth-3.4.7.security-status.secpoll.powerdns.com IN TXT; done pdns-public-ns1.powerdns.com "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2016-01/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ https://doc.powerdns.com/3/security/powerdns-ad; "visory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/; pdns-public-ns2.powerdns.com "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2016-01/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ https://doc.powerdns.com/3/security/powerdns-ad; "visory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/; Also, I noticed that spamhaus.org was not resolving, which was quite strange. All other queries to RNSBLs work e.g spamcop. Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 102.77.50.178.xbl.spamhaus.org: Trying IP 178.209.52.139:53, asking '102.77.50.178.xbl.spamhaus.org|' Dec 28 21:04:38 10 pdns_recursor[2667]: 1 [1225/2] answer to question '102.77.50.178.xbl.spamhaus.org|': 0 answers, 0 additional, took 4 packets, 7515.07 ms, 2 throttled, 3 timeouts, 0 tcp connections, rcode=2 The VPS provider tells me the problem is my install of pdns_resolver. Running : pdns-recursor 4.0.4-1+deb9u3 / # uname -a Linux 10 4.9.0-4-amd64 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) x86_64 GNU/Linux I might have more than one problem... Regards, So ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users