On 8/21/12 10:06 AM, /dev/rob0 wrote:
On Tue, Aug 21, 2012 at 09:45:50AM -0500,
Alfonso Alejandro Reyes Jiménez wrote:
Thanks for the tip but I have bind running and it seems not to be
allowed to make queries to spamhaus:
[root@mail ~]# dig 2.0.0.127.zen.spamhaus.org any
;<<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2<<>>
2.0.0.127.zen.spamhaus.org any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35309
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.0.0.127.zen.spamhaus.org. IN ANY
;; AUTHORITY SECTION:
zen.spamhaus.org. 6 IN SOA need.to.know.only.
hostmaster.spamhaus.org. 1208211440 3600 600 432000 150
;; Query time: 71 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 21 09:44:12 2012
;; MSG SIZE rcvd: 108
[root@mail ~]#
Here's the DNS config part:
[root@mail ~]# vi /etc/resolv.conf
# Generated by NetworkManager
nameserver 127.0.0.1
The BIND forwarding is made to a public dns do you think that could
be the problem?
rob0 quoted from upthread:
If you're using a nameserver external to you, such as Google
Public DNS or any ISP's resolver, there is a very good chance that
Spamhaus is blocking your queries.
If my guess is right, you can possibly fix it by installing and
using your own local caching resolver, i.e., BIND named(8) or
other implementation of DNS recursion. Offer void where taxed or
That was my guess. Now it seems to be confirmed. Remove the
forwarders from named.conf(5), ensure that recursion is allowed at
least for "localhost"[1], "rndc reload", test again. If the test
fails again, you might have to flush the cache. Another rndc(8)
subcommand can do that also.
We're off topic here. If you need further help with BIND, follow up
on the bind-users mailing list at ISC.org. Or, see my URL below; I
can fix this for a minimal fee.
That did the trick thanks to everyone that tried to help me with my issue.
Regards.
Alfonso.
