Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SpamAssassin>
  3. users
DNS Help
fatherofnine at benham
Sep 11, 2023, 10:35 AM
Post #1 of 7 (343 views)
Permalink
Ok, I need some guidance.  I am getting a lot of this:


 0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL
was blocked.
                            See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                             for more information.
 0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to
                            dbl.spamhaus.org was blocked due to usage of an
                             open resolver. See
                            https://www.spamhaus.org/returnc/pub/


I have done a lot of searches on the 'Net but I'm still coming up
blank.  Everything I read says to install a local resolver, so I've
installed unbound.  According to the log, queries are being answered by
unbound, but I'm still getting the errors indicated above.  I'm guessing
that the requests are... being forwarded to a public DNS server?  I
assume that, at some point, that has to happen...?  What am I missing? 
What do I need to do/change?  What log files do I need to provide to
help?  I'm just not sure where to go from here.


D
Re: DNS Help [ In reply to ]
users at spamassassin
Sep 11, 2023, 10:45 AM
Post #2 of 7 (343 views)
Permalink
On 9/11/23 10:35 AM, D Benham wrote:
> Ok, I need some guidance.  I am getting a lot of this:
>
>
>  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL
> was blocked.
>                             See
> http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
>                              for more information.
>  0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to
>                             dbl.spamhaus.org was blocked due to usage
> of an
>                              open resolver. See
>                             https://www.spamhaus.org/returnc/pub/
>
>
> I have done a lot of searches on the 'Net but I'm still coming up
> blank.  Everything I read says to install a local resolver, so I've
> installed unbound.  According to the log, queries are being answered
> by unbound, but I'm still getting the errors indicated above.  I'm
> guessing that the requests are... being forwarded to a public DNS
> server?  I assume that, at some point, that has to happen...?  What am
> I missing?  What do I need to do/change?  What log files do I need to
> provide to help?  I'm just not sure where to go from here.
>
>
> D
>

I had this issue as well and installed unbound.  In addition to that, I
had to configure Spamassassin to point to the local resolver and my
URIBL_BLOCKED issue pretty much went away.

Tom
Re: DNS Help [ In reply to ]
ricky.boone at gmail
Sep 11, 2023, 5:40 PM
Post #3 of 7 (338 views)
Permalink
Many RBLs have policies in place against open resolvers, such as
Google DNS, OpenDNS, etc. You're on the right track, you need a local
resolver that is configured to query directly to the authoritative DNS
server.

Unbound, or any local resolver, would need to be configured to use
root hints to resolve directly, rather than go thru a forwarder. Is
unbound configured to use a forwarder?

On Mon, Sep 11, 2023 at 1:35?PM D Benham <fatherofnine@benham.net> wrote:
>
> Ok, I need some guidance. I am getting a lot of this:
>
>
> 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL
> was blocked.
> See
> http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
> for more information.
> 0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to
> dbl.spamhaus.org was blocked due to usage of an
> open resolver. See
> https://www.spamhaus.org/returnc/pub/
>
>
> I have done a lot of searches on the 'Net but I'm still coming up
> blank. Everything I read says to install a local resolver, so I've
> installed unbound. According to the log, queries are being answered by
> unbound, but I'm still getting the errors indicated above. I'm guessing
> that the requests are... being forwarded to a public DNS server? I
> assume that, at some point, that has to happen...? What am I missing?
> What do I need to do/change? What log files do I need to provide to
> help? I'm just not sure where to go from here.
>
>
> D
>
Re: DNS Help [ In reply to ]
uhlar at fantomas
Sep 11, 2023, 11:51 PM
Post #4 of 7 (338 views)
Permalink
On 11.09.23 10:35, D Benham wrote:
>Ok, I need some guidance.? I am getting a lot of this:
>
>
>?0.0 URIBL_BLOCKED????????? ADMINISTRATOR NOTICE: The query to URIBL
>was blocked.
>??????????????????????????? See
>http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
>???????????????????????????? for more information.
>?0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to
>??????????????????????????? dbl.spamhaus.org was blocked due to usage of an
>???????????????????????????? open resolver. See
>??????????????????????????? https://www.spamhaus.org/returnc/pub/
>
>I have done a lot of searches on the 'Net but I'm still coming up
>blank.? Everything I read says to install a local resolver, so I've
>installed unbound.? According to the log, queries are being answered
>by unbound, but I'm still getting the errors indicated above.? I'm
>guessing that the requests are... being forwarded to a public DNS
>server?? I assume that, at some point, that has to happen...?? What am
>I missing?? What do I need to do/change?? What log files do I need to
>provide to help?? I'm just not sure where to go from here.

have you also read the link(s) above?

SA explains the problem and how to avoid it, namely points to:

https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CachingNameserver

Unfortunately, the current page does NOT have A name="dnsbl-block", which
should be fixed.

Is anyone familiar with this wiki?

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I'm not interested in your website anymore.
If you need cookies, bake them yourself.
Re: DNS Help [ In reply to ]
sausers-20150205 at billmail
Sep 12, 2023, 6:07 AM
Post #5 of 7 (338 views)
Permalink
On 2023-09-12 at 02:51:46 UTC-0400 (Tue, 12 Sep 2023 08:51:46 +0200)
Matus UHLAR - fantomas <uhlar@fantomas.sk>
is rumored to have said:

> On 11.09.23 10:35, D Benham wrote:
>> Ok, I need some guidance.  I am getting a lot of this:
>>
>>
>>  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query
>> to URIBL was blocked.
>>                             See
>> http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
>>                              for more
>> information.
>>  0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to
>>                            
>> dbl.spamhaus.org was blocked due to usage of an
>>                              open
>> resolver. See
>>                            
>> https://www.spamhaus.org/returnc/pub/
>>
>> I have done a lot of searches on the 'Net but I'm still coming up
>> blank.  Everything I read says to install a local resolver, so I've
>> installed unbound.  According to the log, queries are being answered
>> by unbound, but I'm still getting the errors indicated above.  I'm
>> guessing that the requests are... being forwarded to a public DNS
>> server?  I assume that, at some point, that has to happen...?  What
>> am I missing?  What do I need to do/change?  What log files do I
>> need to provide to help?  I'm just not sure where to go from here.
>
> have you also read the link(s) above?
>
> SA explains the problem and how to avoid it, namely points to:
>
> https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CachingNameserver
>
> Unfortunately, the current page does NOT have A name="dnsbl-block",
> which should be fixed.
>
> Is anyone familiar with this wiki?

I believe that anyone with committer status in the SA repo can fix it.

At first I was mystified by your problem description, but I believe I
have fixed the issue (corrected the anchor in the referring link to
"DnsBlocklists-dnsbl-block")


--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
Re: DNS Help [ In reply to ]
uhlar at fantomas
Sep 12, 2023, 9:44 AM
Post #6 of 7 (338 views)
Permalink
>>On 11.09.23 10:35, D Benham wrote:
>>>Ok, I need some guidance.? I am getting a lot of this:
>>>
>>>
>>>?0.0 URIBL_BLOCKED????????? ADMINISTRATOR NOTICE: The query to
>>>URIBL was blocked.
>>>??????????????????????????? See
>>>http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
>>>???????????????????????????? for more information.

>On 2023-09-12 at 02:51:46 UTC-0400 (Tue, 12 Sep 2023 08:51:46 +0200)
>Matus UHLAR - fantomas <uhlar@fantomas.sk>
>is rumored to have said:
>>have you also read the link(s) above?
>>
>>SA explains the problem and how to avoid it, namely points to:
>>
>>https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CachingNameserver
>>
>>Unfortunately, the current page does NOT have A name="dnsbl-block",
>>which should be fixed.
>>
>>Is anyone familiar with this wiki?

On 12.09.23 09:07, Bill Cole wrote:
>I believe that anyone with committer status in the SA repo can fix it.
>
>At first I was mystified by your problem description, but I believe I
>have fixed the issue (corrected the anchor in the referring link to
>"DnsBlocklists-dnsbl-block")

I meant that the http://wiki.apache.org/spamassassin/DnsBlocklists page has
no anchor named "dnsbl-block", thus "DnsBlocklists#dnsbl-block" points to
the beginning of document.

I'd expect it to point to the first Q&A segment where the problem and
solutions are explained.

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Saving Private Ryan...
Private Ryan exists. Overwrite? (Y/N)
Re: DNS Help [ In reply to ]
sausers-20150205 at billmail
Sep 12, 2023, 10:43 AM
Post #7 of 7 (338 views)
Permalink
On 2023-09-12 at 12:44:31 UTC-0400 (Tue, 12 Sep 2023 18:44:31 +0200)
Matus UHLAR - fantomas <uhlar@fantomas.sk>
is rumored to have said:

>>> On 11.09.23 10:35, D Benham wrote:
>>>> Ok, I need some guidance.  I am getting a lot of this:
>>>>
>>>>
>>>>  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The
>>>> query to URIBL was blocked.
>>>>                             See
>>>> http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
>>>>                              for more
>>>> information.
>
>> On 2023-09-12 at 02:51:46 UTC-0400 (Tue, 12 Sep 2023 08:51:46 +0200)
>> Matus UHLAR - fantomas <uhlar@fantomas.sk>
>> is rumored to have said:
>>> have you also read the link(s) above?
>>>
>>> SA explains the problem and how to avoid it, namely points to:
>>>
>>> https://cwiki.apache.org/confluence/display/SPAMASSASSIN/CachingNameserver
>>>
>>> Unfortunately, the current page does NOT have A name="dnsbl-block",
>>> which should be fixed.
>>>
>>> Is anyone familiar with this wiki?
>
> On 12.09.23 09:07, Bill Cole wrote:
>> I believe that anyone with committer status in the SA repo can fix
>> it.
>>
>> At first I was mystified by your problem description, but I believe I
>> have fixed the issue (corrected the anchor in the referring link to
>> "DnsBlocklists-dnsbl-block")
>
> I meant that the http://wiki.apache.org/spamassassin/DnsBlocklists
> page has no anchor named "dnsbl-block", thus
> "DnsBlocklists#dnsbl-block" points to the beginning of document.

More precisely, it used to point to a non-existent anchor name, hence
browsers went to the top of that page.

I've corrected the link on the CachingNameserver page to the FAQ on
blocking to point to he existing anchor named
'DnsBlocklists-dnsbl-block'

> I'd expect it to point to the first Q&A segment where the problem and
> solutions are explained.

That's the spot.

--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal