The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Query to URIBL was blocked - How do I set up a caching nameserver?

Discussion in 'E-mail Discussions' started by DigitalEssence, Feb 21, 2017.

  1. DigitalEssence

    Joined:
    May 21, 2014
    Messages:
    19
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Hi,

    Please speak slowly as I am a simple bear and easily confused.

    Queries to RBL's are sometimes being blocked as my IP is being lumped in with others and we go over the daily limit and no further emails are blocked/filtered on RBL rules. This is causing a spike in incoming spam emails.

    I've followed the link in the email headers and it says:

    My options are:
    * Setting up my own non-forwarding caching nameserver to avoid being lumped together with other users queries;
    * Setting up your own mirror of the DNS-blocklist
    * Paying to use the blocklist. The choice is up to the DNS-Blocklist administrator.


    When I test this on the CLI I get:

    Code:
    > host -tTXT 2.0.0.127.multi.uribl.com
    > 2.0.0.127.multi.uribl.com descriptive text "127.0.0.1 -> Query Refused. See [URL='http://uribl.com/refused.shtml']URIBL.COM - Realtime URI Blacklist[/URL] for more information [Your DNS IP: 74.125.xx.xx]"
    Which I think is a Google dns server.

    looking in /etc/resolv.conf

    Code:
    # cat resolv.conf
    # Generated by SolusVM
    nameserver 8.8.8.8
    nameserver 8.8.4.4
    nameserver My.IP.ADDRESS
    Can anyone advise how I setup my server to be a non-forwarding caching nameserver?

    My hosting company had a go and I think they just commented out the Google servers leaving mine. This worked fine apart from one domain that I have a zone record for and host the website but the email is set to remote exchanger. I couldn't send email as it kept on bouncing as the server tried to deliver emails to itself. In this individual case, I don't actually hold the zone record as it and the nameservers are with another host. It just points web to me. Either way, I couldn't send emails which was no use.

    Like I say, I am a simple bear so please speak slowly.

    And all help appreciated.

    Thanks.
     
    #1 DigitalEssence, Feb 21, 2017
    Last edited by a moderator: Feb 21, 2017
  2. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    875
    Likes Received:
    25
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    DigitalEssence likes this.
  3. DigitalEssence

    Joined:
    May 21, 2014
    Messages:
    19
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Thanks for the link to your post.

    It looks as though I need to add a dns_server directive to my /etc/mail/spamassassin/local.cf file rather than mucking around with resolv.conf.

    I see that URIBL.COM - Realtime URI Blacklist provide public DNS feeds for low volume users and have a nice map but don't know whetehr I just need to ping say ff.uribl.com to find it's IP address to enter into the dns_server config.

    UPDATE:

    I use MailScanner for my spam scanning and while this does use SpamAssassin, it seems that this fix won't work.

    I will continue digging.
     
    #3 DigitalEssence, Feb 21, 2017
    Last edited: Feb 21, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Have you considered using different resolvers in your /etc/resolv.conf file? For instance, does your data center offer their own resolvers for you to use instead of the Google public resolvers?

    Thank you.
     
  5. DigitalEssence

    Joined:
    May 21, 2014
    Messages:
    19
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Thanks for everyone's help, I'm all sorted!

    The issue was that the host added my server IP address in resolv.conf where it should have been the Loopback address. Once I'd added this to the top of the list, Exim started to block emails based on RBL checks and then a quick restart of MailScanner and I'm seeing RBL checks in the logs and no blocked messages.

    I've kept in the original Google servers as a fallback (I assume that's how it works) and for anyone else with this issue, here is a copy of my resolv.conf

    > cat resolv.conf
    # Generated by SolusVM
    nameserver 127.0.0.1
    nameserver 8.8.8.8
    nameserver 8.8.4.4


    Thanks,

    Heds
     
    bloatedstoat likes this.
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    I'm happy to see the issue is now resolved. Thank you for updating us with the outcome.
     
Loading...

Share This Page