On 20 Sep 2015, at 12:57, Jonathan Nichols wrote:

On Sep 18, 2015, at 12:41 AM, Bill Cole <sausers-20150...@billmail.scconsult.com> wrote:

And after many hours of trying to determine why, which included reviewing BIND configs and packet captures and dissection, I nailed it down to SA making DNS queries without the "recursion desired" flag. Since my local nameservers aren't authoritative for much, this meant a whole lot of "no answer, no error" DNS replies.

I have 3.4.0 and have noticed this as well. But my NetDNS is 0.78

Not the same root cause then. But read on...

module installed: Net::DNS, version 0.78

everything installed from apt on ubuntu utopic 14.10

URIBL scores have dropped to almost nothing.

Almost nothing != zero, which is what this bug causes. You don't have a bug, you have a major architectural flaw.


X-Spam-Status: Yes, score=6.084 tagged_above=-999 required=5.31 tests=[BAYES_50=0.8, BOTNET=2.4, BOTNET_NORDNS=0.3, PYZOR_CHECK=1.392, RDNS_NONE=0.793, SAGREY=0.4, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no

Your problem is URIBL_BLOCKED. The usual cause of this is running a mail system that relies on a public-access DNS resolver, although if you have substantial volume on your system you can have this happen with your own DNS infrastructure. See http://uribl.com/refused.shtml for details.

Note that if you have a mail system pointed at a free public resolver like those operated by Google or OpenDNS, you are getting a view of DNS that is manipulated by the operator to suit their business interests and a usage model consisting primarily of web browsing with a seasoning of other personal client uses. Such resolvers are not intended for use by mail servers and often respond by design in ways that make them grossly unfit for use by mail servers.
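An added example, not part of the original messages: a small Python diagnostic for the two failure modes discussed in this thread, run over constructed DNS messages. It checks the header flags for a query sent without RD that draws an empty NOERROR reply, and decodes a multi.uribl.com answer. The bit values in `uribl_result` are not on this page and are assumed from URIBL's published return codes; `sample_msg` and the sample constants are hypothetical helpers.

```python
import struct

def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte DNS header (RFC 1035, section 4.1.1)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": ident,
        "qr": flags >> 15 & 1,   # 0 = query, 1 = response
        "aa": flags >> 10 & 1,   # authoritative answer
        "rd": flags >> 8 & 1,    # recursion desired (set by the client)
        "ra": flags >> 7 & 1,    # recursion available (set by the server)
        "rcode": flags & 0xF,    # 0 = NOERROR, 3 = NXDOMAIN, 5 = REFUSED
        "ancount": an,
    }

def diagnose(query: bytes, reply: bytes) -> str:
    q, r = parse_header(query), parse_header(reply)
    if q["qr"] != 0 or r["qr"] != 1 or q["id"] != r["id"]:
        return "not a matching query/response pair"
    if r["rcode"] == 0 and r["ancount"] == 0 and not q["rd"] and not r["aa"]:
        return "empty NOERROR to a non-recursive query: client did not set RD"
    if r["rcode"] == 0 and r["ancount"] == 0:
        return "empty NOERROR: name exists but has no record of this type"
    return "rcode=%d answers=%d" % (r["rcode"], r["ancount"])

def uribl_result(addr: str) -> list:
    """Decode a multi.uribl.com A record (assumed bitmask; 1 = query blocked)."""
    bits = {1: "blocked", 2: "black", 4: "grey", 8: "red"}
    octets = [int(o) for o in addr.split(".")]
    if octets[:3] != [127, 0, 0]:
        raise ValueError("not a URIBL return code")
    return [name for bit, name in bits.items() if octets[3] & bit]

def sample_msg(ident, flags, ancount):
    # Constructed header + question for example.com/A; answer records omitted.
    question = b"\x07example\x03com\x00" + struct.pack("!2H", 1, 1)
    return struct.pack("!6H", ident, flags, 1, ancount, 0, 0) + question

# Constructed samples: the same lookup sent without RD and with RD.
NO_RD_QUERY, NO_RD_REPLY = sample_msg(0x1A2B, 0x0000, 0), sample_msg(0x1A2B, 0x8080, 0)
RD_QUERY, RD_REPLY = sample_msg(0x1A2C, 0x0100, 0), sample_msg(0x1A2C, 0x8180, 1)

if __name__ == "__main__":
    print(diagnose(NO_RD_QUERY, NO_RD_REPLY))
    print(diagnose(RD_QUERY, RD_REPLY))
    print(uribl_result("127.0.0.1"))
```

To use it on real traffic, feed it the raw DNS payloads of a query and its reply taken from a packet capture on the mail host.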
