> Jari Fredriksson <ja...@iki.fi> kirjoitti 14.11.2017 kello 18.42: > > > >> Reindl Harald <h.rei...@thelounge.net> kirjoitti 14.11.2017 kello 15.30: >> >> >> >> Am 14.11.2017 um 07:11 schrieb Jari Fredriksson: >>> I have a couple of issues with my LAN /w SpamAssassin, >>> 1. Wrong resolved used >>> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: connection from >>> gamecock.fredriksson.dy.fi [192.168.1.123]:59338 to port 783, fd 5 >>> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: processing message >>> <20171114055150.15886142...@mail.bitwell.biz> for spam:1001 >>> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: >>> Connection refused, failing over to [127.0.0.1]:53 >>> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 >>> failed: Connection refused, failing over to [::1]:53 >>> $ cat /etc/resolv.conf >>> jarif@whirlwind:~$ cat /etc/resolv.conf >>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by >>> resolvconf(8) >>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN >>> # 127.0.0.53 is the systemd-resolved stub resolver. >>> # run "systemd-resolve --status" to see details about the actual >>> nameservers. >>> nameserver 127.0.0.53 >>> search fredriksson.dy.fi >> >> horrible idea on a server to begin with > > It is actually a dual boot Ubuntu / Windows 10 workstation. Acts as an > additional spamd when on Linux mode.
.. and 127.0.0.53 is the NetworkDamager and it’s companion DNSMasq. I hate those, but will not once again remove them just the get them back as I upgrade that Ubuntu… But they should honor the dhcp setting I have prepared for them, and the URIBL_BLOCKED samples I have seen are NOT from this specific box but from specific Debian server instances in my LAN specialised to be spamd and clamd. br. jarif > > > > >> >>> Where does SA take its DNS resolver? >> >> http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html >> >> dns_server ip-addr-port (default: entries provided by Net::DNS) >> >>> 2. URIBL BLOCKED >>> I have two kinds of resolvers for my LAN. >>> - non forwarding caching name servers x 3 - these are meant to be by >>> SpamAssassin and servers >>> - forwarding caching and filtering (PiHole) name servers x 2 - these are >>> meant to be used by desktop PC’s, cellphones and laptops >> >> do youself a favor and just setup a dedicated unbound which does recursion >> out of the box on the machine running the inbound mailserver >> >> > > I have 3 dedicated bind9 for that. None of them run on mail server though, > but on same LAN. > > br. jarif
signature.asc
Description: Message signed with OpenPGP
