subject:"\[Pdns\-users\] Could not retrieve security status update \/ spamhaus.org unable to query"

Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

2017-12-29 Thread Sophie Loewenthal

Hi Bert,
Thanks for the info.

> Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 
> 102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec

I'm travelling and don't have server access, and cannot give the full logs, yet.
I guess you are correct & Spamhaus is blocking this. The source IP address has 
not been used to query DNS for 9 months, so odd they are blocking it now. 
Limits are not being exceeded because it is a very small email server with an 
email rate of 200 messages per day. 
I sent SpamHaus an email asking if they are blocking this.


Thanks, 
Sophie
--

On December 29, 2017 11:16:13 AM CET, bert hubert  
wrote:
>On Fri, Dec 29, 2017 at 12:02:13AM +0100, Sophie Loewenthal wrote:
>> Hi everyone,
>
>good morning!
>
>> I had this message in my logs in a new installation with a new VPS
>provider, and wonder if this is them or pdns_resolver blocking,
>> Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security
>status update for '4.0.4-1+deb9u3.Debian' on
>'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com',
>RCODE = Non-Existent domain
>
>This is a mistake by us, and we'll rectify it. We should list this
>version
>as safe or not, apologies.
>
>> Also, I noticed that spamhaus.org was not resolving, which was quite
>strange. All other queries to RNSBLs work e.g spamcop.
>> Dec 28 21:04:38 10 pdns_recursor[2667]: [1225]
>102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec
>> Dec 28 21:04:38 10 pdns_recursor[2667]: [1225]
>102.77.50.178.xbl.spamhaus.org: Trying IP 178.209.52.139:53, asking
>'102.77.50.178.xbl.spamhaus.org|'
>> Dec 28 21:04:38 10 pdns_recursor[2667]: 1 [1225/2] answer to question
>'102.77.50.178.xbl.spamhaus.org|': 0 answers, 0 additional, took 4
>packets, 7515.07 ms, 2 throttled, 3 timeouts, 0 tcp connections,
>rcode=2
>
>This is likely exactly what it says, that 178.209.52.139 is not
>listening to
>you. Spamhaus is known to limit queries if they exceed a certain rate.
>
>It looks like you deleted some log lines so we can't really tell what
>is
>going on.
>
>   Bert
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

2017-12-29 Thread bert hubert

On Fri, Dec 29, 2017 at 12:02:13AM +0100, Sophie Loewenthal wrote:
> Hi everyone,

good morning!

> I had this message in my logs in a new installation with a new VPS provider, 
> and wonder if this is them or pdns_resolver blocking,
> Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security status 
> update for '4.0.4-1+deb9u3.Debian' on 
> 'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', RCODE 
> = Non-Existent domain

This is a mistake by us, and we'll rectify it. We should list this version
as safe or not, apologies.

> Also, I noticed that spamhaus.org was not resolving, which was quite strange. 
> All other queries to RNSBLs work e.g spamcop.
> Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 
> 102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec
> Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 
> 102.77.50.178.xbl.spamhaus.org: Trying IP 178.209.52.139:53, asking 
> '102.77.50.178.xbl.spamhaus.org|'
> Dec 28 21:04:38 10 pdns_recursor[2667]: 1 [1225/2] answer to question 
> '102.77.50.178.xbl.spamhaus.org|': 0 answers, 0 additional, took 4 
> packets, 7515.07 ms, 2 throttled, 3 timeouts, 0 tcp connections, rcode=2

This is likely exactly what it says, that 178.209.52.139 is not listening to
you. Spamhaus is known to limit queries if they exceed a certain rate.

It looks like you deleted some log lines so we can't really tell what is
going on.

Bert
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

2017-12-29 Thread Aki Tuomi

On Fri, Dec 29, 2017 at 12:02:13AM +0100, Sophie Loewenthal wrote:
> Hi everyone,
> 
> 
> I had this message in my logs in a new installation with a new VPS provider, 
> and wonder if this is them or pdns_resolver blocking,
> 
> Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security status 
> update for '4.0.4-1+deb9u3.Debian' on 
> 'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', RCODE 
> = Non-Existent domain
>

Hi, usually there are no security status for distro packages, as they take
care of the packages themselves.

AKi 
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

[Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

2017-12-28 Thread Sophie Loewenthal

Hi everyone,


I had this message in my logs in a new installation with a new VPS provider, 
and wonder if this is them or pdns_resolver blocking,

Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security status 
update for '4.0.4-1+deb9u3.Debian' on 
'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', RCODE = 
Non-Existent domain

So, I ran this ( Someone posted this line last year on the mailing list),

# for x in 1 2; do echo "pdns-public-ns${x}.powerdns.com"; dig +short 
@pdns-public-ns$x.powerdns.com auth-3.4.7.security-status.secpoll.powerdns.com 
IN TXT; done 
pdns-public-ns1.powerdns.com
"3 Upgrade now, see 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-01/ 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ 
https://doc.powerdns.com/3/security/powerdns-ad; "visory-2016-04/ and 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/;
pdns-public-ns2.powerdns.com
"3 Upgrade now, see 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-01/ 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ 
https://doc.powerdns.com/3/security/powerdns-ad; "visory-2016-04/ and 
https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/;


Also, I noticed that spamhaus.org was not resolving, which was quite strange. 
All other queries to RNSBLs work e.g spamcop.
Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 102.77.50.178.xbl.spamhaus.org: 
timeout resolving after 2503.31msec
Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 102.77.50.178.xbl.spamhaus.org: 
Trying IP 178.209.52.139:53, asking '102.77.50.178.xbl.spamhaus.org|'
Dec 28 21:04:38 10 pdns_recursor[2667]: 1 [1225/2] answer to question 
'102.77.50.178.xbl.spamhaus.org|': 0 answers, 0 additional, took 4 packets, 
7515.07 ms, 2 throttled, 3 timeouts, 0 tcp connections, rcode=2

  
The VPS provider tells me the problem is my install of pdns_resolver.  

Running : pdns-recursor 4.0.4-1+deb9u3  / 
# uname -a
Linux 10 4.9.0-4-amd64 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) x86_64 
GNU/Linux


I might have more than one problem...

Regards, So





___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

Re: [Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

[Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

4 matches

Site Navigation

Mail list logo

Footer information