W dniu 3.04.2024 o 15:25, Matus UHLAR - fantomas pisze:
On 03.04.24 11:18, natan wrote:
Where in pdns-recursor? I use pdns-recursor
/etc/powerdns/recursor.conf
W dniu 3.04.2024 o 13:17, Matus UHLAR - fantomas pisze:
This is not about pdns-recursor itself. It's about using own
recursing DNS server
- you you don't use DNS server of your ISP, google(8.8.8.8/8.8.4.4),
cloudflare(1.1.1.1) or quad-nine (9.9.9.9)
look into your /etc/resolv.conf or SpamAssassin's configuration of
"dns_server" (if there's none, /etc/resolv.conf is used).
On 03.04.24 14:34, natan wrote:
cat /etc/resolv.conf
nameserver 127.0.0.1
so apparently you only use locally installed DNS server which I assume
is powerdns-recursor.
I guess your powerdns-recursor is not configured to forward lookups to
other DNS servers but your ISP still may redirect DNS lookups to its
servers.
How many mail does your machine process daily?
spamhaus limits to about 100k lookups daily.
~200K
according to SA docs:
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/DnsBlocklists
since spamassassin 3.4 it should be enough to disable spamhaus lookups:
dns_query_restriction deny spamhaus.org
or probably split to these:
For test I add i local.cf
dns_query_restriction deny zen.spamhaus.org
dns_query_restriction deny dbl.spamhaus.org
dns_query_restriction deny zen.spamhaus.org
dns_query_restriction deny dbl.spamhaus.org
(if you lates find out one of those would work)
--
