Ed Abbott wrote:
> $ host websiterepairguy.com.multi.surbl.org
> websiterepairguy.com.multi.surbl.org has address 184.106.15.239
> websiterepairguy.com.multi.surbl.org has address 69.16.143.110
> Host websiterepairguy.com.multi.surbl.org not found: 3(NXDOMAIN)

The first two responses here indicate something *very* wrong with the
results you're getting on DNS lookups.

URI and IP blacklists, by convention, return an IP in 127.0.0.0/8 - i.e.,
an IP between 127.0.0.0 and 127.255.255.255.  Exactly what is returned
depends on the list and how they combine multiple logical lists into a
single set of DNS data.

John Hardin's advice about checking your resolv.conf and BIND
configuration to make sure it's really doing its own work instead of
just passing the requests to your ISP's DNS cache servers is the next
thing to check.

A caching-only BIND configuration should be pretty bare (apart from
commented-out directives - lines with a leading '//' or ';') but in
particular for this problem, there should be no "forwarders" sections.

If that seems clean, it's possible that your ISP has gone to the effort
of silently redirecting all DNS requests to their own servers.  (I can't
think of any good reasons to do this, but some major ISPs seem to get
bizarre directives from upper management on a regular basis.)

Checking the IPs returned above in a browser redirects to a Road Runner
page that indicates they're definitely meddling with DNS responses at
some level.  :(  You noted in another message you're on Time-Warner
cable;  I'm not familiar with the reseller agreements US ISPs might have
but at some level you're getting responses from a Road Runner system.  I
don't know if there's a way you can "opt out" of this.

-kgd
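
A check for the 127.0.0.0/8 convention described in the message above, as an added example that is not part of the original post: it parses `host` output for a blacklist query and flags any answer outside that range. The function name and verdict labels are assumptions made for illustration; the sample input is the output quoted in the thread.

```python
import ipaddress
import re

# Sample input: the `host` output quoted at the top of the message.
SAMPLE_HOST_OUTPUT = """\
websiterepairguy.com.multi.surbl.org has address 184.106.15.239
websiterepairguy.com.multi.surbl.org has address 69.16.143.110
Host websiterepairguy.com.multi.surbl.org not found: 3(NXDOMAIN)
"""

DNSBL_NET = ipaddress.ip_network("127.0.0.0/8")  # conventional answer range
ADDR_RE = re.compile(r"^\S+ has address (\S+)$")
NXDOMAIN_RE = re.compile(r"^Host \S+ not found: 3\(NXDOMAIN\)$")


def classify_dnsbl_answer(host_output):
    """Classify `host` output for a DNSBL/URIBL query (hypothetical helper)."""
    listed, suspect, nxdomain = [], [], False
    for line in host_output.splitlines():
        line = line.strip()
        m = ADDR_RE.match(line)
        if m:
            try:
                addr = ipaddress.ip_address(m.group(1))
            except ValueError:
                suspect.append(m.group(1))  # unparseable answer: treat as suspect
                continue
            # A genuine list answer sits in 127.0.0.0/8; anything else did not
            # come from the list's own DNS data.
            (listed if addr in DNSBL_NET else suspect).append(str(addr))
        elif NXDOMAIN_RE.match(line):
            nxdomain = True
    if suspect:
        verdict = "tampered"      # resolver path is rewriting answers
    elif listed:
        verdict = "listed"
    elif nxdomain:
        verdict = "not-listed"    # the normal negative answer
    else:
        verdict = "inconclusive"  # timeout, SERVFAIL, or empty output
    return {"verdict": verdict, "listed": listed, "suspect": suspect}


if __name__ == "__main__":
    print(classify_dnsbl_answer(SAMPLE_HOST_OUTPUT))
```

Feeding it the output of a lookup for a name that should never be listed gives a quick test of whether the resolver path is returning the list's real answers.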
