Jeff Chan wrote (quoting Jay Levitt):
Nope, that's not it.  I've been throwing debug code in bit by bit.  
(More accurately, I've been re-copying the dbg statements as "warns", 
because while there's plenty of useful output, there are just too many 
un-categorized dbg statements to leave debug enabled... sigh.)  Looks 
like every once in a while, the lookup_ns sanity-checks that SA does on 
well-known domains are returning with zero NS records.  Still not sure 
why that happens yet, or exactly what is going on, but that does 
understandably lead SA to disable DNSBL processing for a while.
    
Hmm, that sounds like something that may deserve a bugzilla.  Can
anyone else replicate that behavior?

Is your Net::DNS completely current and happy?
  
Yep, 0.48.

Have you checked all of your:

  /etc/resolv.conf
  $HOME/.resolv.conf
  ./.resolv.conf

for the user mimedefang or SA runs as to make sure they're all
correct and all the name servers on them resolve the RBLs
correctly?
  
Yep.  The only *resolv.conf file on the system is /etc/resolv.conf.

Also when you say "At some point, SA seems to stop doing lookups
on the DNSBLs" what is the time scale?  Does "At some point" mean
at some times of day, after several months of operation and all
the time now, for a few hours at a time, for every 6th message,
etc.?
  
After it's been running for a few hours, the lookup_ns check (which does a sanity check to make sure we can resolve the nameservers of a well-known domain) seems to fail.  Or, rather, it returns, but with 0 entries in the array.  This causes SA to stop doing any RBL lookups for some period of time.

I tried to create a test harness to see if I can replicate this outside of SA, but for some reason, even though I double-checked the code I copied from Dns.pm, I'm getting weird results - it's always giving me the root nameservers, instead of the name servers for each of the domains.  This is true with recurse => 0, recurse => 1, or recurse left out entirely as it is in Dns.pm.  I'm no Perl whiz; can anyone see my mistake? 

Code follows:

-------------

#!/usr/bin/perl

no strict;
no warnings;

require Net::DNS;
require Net::DNS::Resolver;

use strict;
use warnings;

my @EXISTING_DOMAINS = qw{
              adelphia.net
              akamai.com
              apache.org
              cingular.com
              colorado.edu
              comcast.net
              doubleclick.com
              ebay.com
              gmx.net
              google.com
              intel.com
              kernel.org
              linux.org
              mit.edu
              motorola.com
              msn.com
              sourceforge.net
              sun.com
              w3.org
              yahoo.com
            };


my $res = Net::DNS::Resolver->new (
                   recurse => 0,
                   retry => 1,
                   retrans => 0,
                   dnsrch => 0,
                   defnames => 0,
                   tcp_timeout => 3,
                   udp_timeout => 3,
                   persistent_tcp => 1,
                   persistent_udp => 1
                  );

die unless defined $res;

for(;;) {
  my @domains = @EXISTING_DOMAINS;
  my $domain = splice(@domains, rand(@domains), 1);
  print "trying '$domain'...\n";
  lookup_ns($domain);
}

sub lookup_ns {
  my ($self, $dom) = @_;
 
  my $query = $res->search($dom, 'NS');
  if ($query) {
    foreach my $rr ($query->answer) {
      print "type=", $rr->type, ", nsdname=", $rr->nsdname, "\n";
    }
  }
  else {
    print "ERROR! no query\n";
  }
}

1;


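Added example, not part of the original message and not SpamAssassin's own code: the harness above calls lookup_ns($domain) as a plain function while the sub unpacks ($self, $dom), so $dom is undefined inside it. The sketch below takes the domain as a plain argument and separates the outcomes the thread is trying to tell apart: no reply, a reply with zero NS records, and NS records for the wrong owner name. The helper names classify_ns and reply_with and the example.com records are assumptions, constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::DNS;

# Hypothetical helper: classify what an NS sanity query returned.
# Plain sub, called as classify_ns($packet, $dom), so @_ holds no $self.
# $packet is the result of $res->search($dom, 'NS'); undef means no reply.
sub classify_ns {
  my ($packet, $dom) = @_;
  return ('no-response') unless defined $packet;

  my @all  = grep { $_->type eq 'NS' } $packet->answer;
  my @mine = grep { lc($_->name) eq lc($dom) } @all;

  return ('ok', map { lc $_->nsdname } @mine) if @mine;
  return ('wrong-owner', map { $_->name } @all) if @all;
  return ('no-ns', $packet->header->rcode);   # reply arrived, zero NS records
}

# Build a constructed reply packet so the example runs without a network.
sub reply_with {
  my ($qname, @rr_text) = @_;
  my $packet = Net::DNS::Packet->new($qname, 'NS', 'IN');
  $packet->push(answer => Net::DNS::RR->new($_)) for @rr_text;
  return $packet;
}

# Constructed sample replies (not captured traffic).
my %cases = (
  'delegation returned' => reply_with('example.com',
      'example.com. 3600 IN NS ns1.example.net.',
      'example.com. 3600 IN NS ns2.example.net.'),
  'reply with no NS'    => reply_with('example.com'),
  'root NS came back'   => reply_with('.',
      '. 518400 IN NS a.root-servers.net.'),
  'query failed'        => undef,
);

for my $label (sort keys %cases) {
  my ($status, @detail) = classify_ns($cases{$label}, 'example.com');
  print "$label: $status @detail\n";
}
```

Against a live resolver, pass the result of $res->search($dom, 'NS') as the first argument; on 'no-response', $res->errorstring reports why the query failed.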