David Zinder wrote:
> What should dig return? I too have Verizon fios. If /etc/resolve.conf
> contains their DNS servers I get similar dig results as you. If I
> change it to DNS servers I trust I get:
>
> $ dig techweb.com.multi.surbl.org
> ; <<>> DiG 9.2.4 <<>> techweb.com.multi.surbl.org
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11053
> <snip>
>
> Is this a correct response from dig?

Yes, that's the correct result. You want NXDOMAIN (ie: not in the
blacklist).

> If so, changing the DNS servers in /etc/resolve.conf does not fix my
> problem. The techweb.com email is still reported on the blocklists. I
> have also tried dig from two other email servers I control. They both
> have different DNS servers in /etc/resolve.conf and different ISPs.
> Both return similar dig results to what I pasted above and the
> techweb.com email gets the same results.

You can also force dig to use a specific DNS server for the lookup. You
might want to check all the servers in your resolv.conf. Perhaps SA is
using a different one than the command-line is picking:
ie:
dig @192.168.1.1 techweb.com.multi.surbl.org
will force it to use 192.168.1.1 as a DNS server (note the space between
dig and @.. that's important)
You should see poisoned results from:
dig @71.242.0.12 techweb.com.multi.surbl.org
And good results from:
dig @71.242.0.14 techweb.com.multi.surbl.org
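
Added example (not part of the original thread): a shell sketch that runs the per-server check described above against every nameserver in resolv.conf and classifies each answer. The function names and the sample dig output are constructed for illustration; it relies on SURBL answering NXDOMAIN for unlisted names and an A record in 127.0.0.0/8 for listed ones, so any other A record was rewritten by the resolver.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# classify_dig: read `dig` output on stdin and print one of
#   not-listed | listed | poisoned | unexpected
classify_dig() {
    awk '
        /->>HEADER<<-/ {
            for (i = 1; i <= NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,/, "", status) }
        }
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        in_answer && NF == 0  { in_answer = 0 }
        in_answer && $4 == "A" {
            # A real SURBL listing is always inside 127.0.0.0/8.
            if ($5 ~ /^127\./) listed = 1; else rewritten = 1
        }
        END {
            if (rewritten)                 print "poisoned"
            else if (listed)               print "listed"
            else if (status == "NXDOMAIN") print "not-listed"
            else                           print "unexpected"
        }'
}

# check_resolvers NAME [RESOLV_CONF]: query each configured nameserver
# separately, so one rewriting resolver cannot hide behind a clean one.
check_resolvers() {
    name=$1
    conf=${2:-/etc/resolv.conf}
    awk '$1 == "nameserver" { print $2 }' "$conf" |
    while read -r server; do
        verdict=$(dig +time=3 +tries=1 "@$server" "$name" | classify_dig)
        printf '%s\t%s\n' "$server" "$verdict"
    done
}

# Constructed samples (203.0.113.10 is a documentation address).
SAMPLE_NXDOMAIN=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11053'
SAMPLE_REWRITTEN=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242

;; ANSWER SECTION:
techweb.com.multi.surbl.org. 300 IN A 203.0.113.10
'

# Usage (needs network access and dig):
#   check_resolvers techweb.com.multi.surbl.org
```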