Unbound and senderbase.org requests

Mon, 18 Jul 2016 00:24:35 -0700 

Hi all,
Long story short - we have Cisco Ironport email security appliance. This device filter emails by reputation filtering. To do this, the device send dns TXT request to senderbase.org, and based on answer make decisions about filtering mails. 

But that is not working through Unbound .

This is request and answer using Google free DNS :


dig @8.8.8.8 txt 
1-1569def8d9137c6f0dfef01fc43c5f39.142.36.123.93.v1x2s.rf-adfe2ko9.senderbase.org



; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @8.8.8.8 txt 
1-1569def8d9137c6f0dfef01fc43c5f39.142.36.123.93.v1x2s.rf-adfe2ko9.senderbase.org

; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3460
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:

;1-1569def8d9137c6f0dfef01fc43c5f39.142.36.123.93.v1x2s.rf-adfe2ko9.senderbase.org. 
IN TXT


;; ANSWER SECTION:

1-1569def8d9137c6f0dfef01fc43c5f39.142.36.123.93.v1x2s.rf-adfe2ko9.senderbase.org. 
999 IN TXT "|0=2.5|1=0.0|2=0.4399|3=0.5|7=AvNDhLIaN|10=0,0|"


;; Query time: 195 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jul 18 08:29:16 EEST 2016
;; MSG SIZE  rcvd: 170


As we can see, the request has a ANSWER SECTION, and Cisco Ironport use 
this numbers for blocking e-mails (domains).


This is request and answer using Unbound


dig @UnboundIP txt 
1-1569def8d9137c6f0dfef01fc43c5f39.142.36.123.93.v1x2s.rf-adfe2ko9.senderbase.org



; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @UnboundIP txt 
1-1569def8d9137c6f0dfef01fc43c5f39.142.36.123.93.v1x2s.rf-adfe2ko9.senderbase.org

; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5044
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1480
;; QUESTION SECTION:

;1-1569def8d9137c6f0dfef01fc43c5f39.142.36.123.93.v1x2s.rf-adfe2ko9.senderbase.org. 
IN TXT


;; Query time: 235 msec
;; SERVER: UnboundIP#53(UnboundIP)
;; WHEN: Mon Jul 18 09:53:42 EEST 2016
;; MSG SIZE  rcvd: 110


Unbound return ANSWER NXDOMAIN. Can someone help me with this ? Thanks.


























					Reply via email to