Mailing List Archive

Hi
Where in  pdns-recursor? I use pdns-recursor

/etc/powerdns/recursor.conf

W dniu 3.04.2024 o 11:10, Reindl Harald (privat) pisze:
> use unbound as caching resolver and configure TTL properly
>
> cache-min-ttl: 60
> cache-max-negative-ttl: 60
>
> Am 03.04.24 um 11:06 schrieb natan:
>> Hi
>> I must chane or disable permanently spamhaus.net and all everything
>> he uses.
>>
>> They calculated the rate so much that I couldn't afford to use their
>> toys
>>
>> Does anyone have an interesting solution to this problem?
>> Or maybe some other lists connected?
>

--

> I must chane or disable permanently spamhaus.net and all everything he
> uses.
>
> They calculated the rate so much that I couldn't afford to use their toys
>
> Does anyone have an interesting solution to this problem?
> Or maybe some other lists connected?
>

Do you really need url checking? Maybe you can make a caching servlet so you do not send duplicate requests? I am thinking of doing this for geo / reverse geo lookups.

Hi
IRTFM beacuse I use pdns-recursor where
max-cache-ttl default is 86400
ecs-minimum-ttl-override=60
minimum-ttl-override=60


W dniu 3.04.2024 o 11:23, Reindl Harald (privat) pisze:
>
>
> Am 03.04.24 um 11:18 schrieb natan:
>> Hi
>> Where in  pdns-recursor? I use pdns-recursor
>>
>> /etc/powerdns/recursor.conf
>
> RTFM or switch to unbound
>
> the point is if you ignore the short TTL you trigger only a small
> subset of outbound dns requests and shouldn't note any difference
>
>> W dniu 3.04.2024 o 11:10, Reindl Harald (privat) pisze:
>>> use unbound as caching resolver and configure TTL properly
>>>
>>> cache-min-ttl: 60
>>> cache-max-negative-ttl: 60
>>>
>>> Am 03.04.24 um 11:06 schrieb natan:
>>>> Hi
>>>> I must chane or disable permanently spamhaus.net and all everything
>>>> he uses.
>>>>
>>>> They calculated the rate so much that I couldn't afford to use
>>>> their toys
>>>>
>>>> Does anyone have an interesting solution to this problem?
>>>> Or maybe some other lists connected?
>

--

W dniu 3.04.2024 o 11:20, Marc pisze:
>> I must chane or disable permanently spamhaus.net and all everything he
>> uses.
>>
>> They calculated the rate so much that I couldn't afford to use their toys
>>
>> Does anyone have an interesting solution to this problem?
>> Or maybe some other lists connected?
>>
> Do you really need url checking? Maybe you can make a caching servlet so you do not send duplicate requests? I am thinking of doing this for geo / reverse geo lookups.
I try naw disable:

URIBL_SBL 0
URIBL_CSS 0
URIBL_SBL_A URIBL_CSS_A 0
URIBL_ZEN_BLOCKED_OPENDNS 0
URIBL_ZEN_BLOCKED 0
URIBL_DBL_SPAM 0
 URIBL_DBL_PHISH 0
URIBL_DBL_MALWARE 0
URIBL_DBL_BOTNETCC 0
URIBL_DBL_ABUSE_SPAM 0
URIBL_DBL_ABUSE_REDIR 0
URIBL_DBL_ABUSE_PHISH 0
URIBL_DBL_ABUSE_MALW 0
URIBL_DBL_ABUSE_BOTCC 0
URIBL_DBL_ERROR 0
URIBL_DBL_BLOCKED_OPENDNS URIBL_DBL_BLOCKED 0

Is that enough ?

>

--

On 03.04.24 11:18, natan wrote:
>Where in? pdns-recursor? I use pdns-recursor
>
>/etc/powerdns/recursor.conf

This is not about pdns-recursor itself. It's about using own recursing DNS
server

- you you don't use DNS server of your ISP, google(8.8.8.8/8.8.4.4),
cloudflare(1.1.1.1) or quad-nine (9.9.9.9)

look into your /etc/resolv.conf or SpamAssassin's configuration of
"dns_server" (if there's none, /etc/resolv.conf is used).

>W dniu 3.04.2024 o?11:10, Reindl Harald (privat) pisze:
>>use unbound as caching resolver and configure TTL properly
>>
>>cache-min-ttl: 60
>>cache-max-negative-ttl: 60
>>
>>Am 03.04.24 um 11:06 schrieb natan:
>>>Hi
>>>I must chane or disable permanently spamhaus.net and all
>>>everything he uses.
>>>
>>>They calculated the rate so much that I couldn't afford to use
>>>their toys
>>>
>>>Does anyone have an interesting solution to this problem?
>>>Or maybe some other lists connected?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Enter any 12-digit prime number to continue.

natan skrev den 2024-04-03 11:06:

> I must chane or disable permanently spamhaus.net and all everything he
> uses.

+1

> They calculated the rate so much that I couldn't afford to use their
> toys

+1

> Does anyone have an interesting solution to this problem?
> Or maybe some other lists connected?

more verbose info on how you use dns in your server setup is needed

local resolver is payed

no local resolver, no good results, your choice

Hi
In this machine I use
cat /etc/resolv.conf
nameserver 127.0.0.1


W dniu 3.04.2024 o 14:18, Benny Pedersen pisze:
> natan skrev den 2024-04-03 11:06:
>
>> I must chane or disable permanently spamhaus.net and all everything he
>> uses.
>
> +1
>
>> They calculated the rate so much that I couldn't afford to use their
>> toys
>
> +1
>
>> Does anyone have an interesting solution to this problem?
>> Or maybe some other lists connected?
>
> more verbose info on how you use dns in your server setup is needed
>
> local resolver is payed
>
> no local resolver, no good results, your choice
>
>

--

W dniu 3.04.2024 o 13:17, Matus UHLAR - fantomas pisze:
> On 03.04.24 11:18, natan wrote:
>> Where in  pdns-recursor? I use pdns-recursor
>>
>> /etc/powerdns/recursor.conf
>
> This is not about pdns-recursor itself. It's about using own recursing
> DNS server
>
> - you you don't use DNS server of your ISP, google(8.8.8.8/8.8.4.4),  
> cloudflare(1.1.1.1) or quad-nine (9.9.9.9)
>
> look into your /etc/resolv.conf or SpamAssassin's configuration of
> "dns_server" (if there's none, /etc/resolv.conf is used).
>
cat /etc/resolv.conf
nameserver 127.0.0.1

>> W dniu 3.04.2024 o 11:10, Reindl Harald (privat) pisze:
>>> use unbound as caching resolver and configure TTL properly
>>>
>>> cache-min-ttl: 60
>>> cache-max-negative-ttl: 60
>>>
>>> Am 03.04.24 um 11:06 schrieb natan:
>>>> Hi
>>>> I must chane or disable permanently spamhaus.net and all everything
>>>> he uses.
>>>>
>>>> They calculated the rate so much that I couldn't afford to use
>>>> their toys
>>>>
>>>> Does anyone have an interesting solution to this problem?
>>>> Or maybe some other lists connected?

--

>>On 03.04.24 11:18, natan wrote:
>>>Where in? pdns-recursor? I use pdns-recursor
>>>
>>>/etc/powerdns/recursor.conf

>W dniu 3.04.2024 o?13:17, Matus UHLAR - fantomas pisze:
>>This is not about pdns-recursor itself. It's about using own
>>recursing DNS server
>>
>>- you you don't use DNS server of your ISP, google(8.8.8.8/8.8.4.4),
>>? cloudflare(1.1.1.1) or quad-nine (9.9.9.9)
>>
>>look into your /etc/resolv.conf or SpamAssassin's configuration of
>>"dns_server" (if there's none, /etc/resolv.conf is used).

On 03.04.24 14:34, natan wrote:
>cat /etc/resolv.conf
>nameserver 127.0.0.1

so apparently you only use locally installed DNS server which I assume is
powerdns-recursor.

I guess your powerdns-recursor is not configured to forward lookups to other
DNS servers but your ISP still may redirect DNS lookups to its servers.

How many mail does your machine process daily?
spamhaus limits to about 100k lookups daily.

according to SA docs:

https://cwiki.apache.org/confluence/display/SPAMASSASSIN/DnsBlocklists

since spamassassin 3.4 it should be enough to disable spamhaus lookups:

dns_query_restriction deny spamhaus.org

or probably split to these:

dns_query_restriction deny zen.spamhaus.org
dns_query_restriction deny dbl.spamhaus.org

(if you lates find out one of those would work)

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot.

W dniu 3.04.2024 o 15:25, Matus UHLAR - fantomas pisze:
>>> On 03.04.24 11:18, natan wrote:
>>>> Where in  pdns-recursor? I use pdns-recursor
>>>>
>>>> /etc/powerdns/recursor.conf
>
>> W dniu 3.04.2024 o 13:17, Matus UHLAR - fantomas pisze:
>>> This is not about pdns-recursor itself. It's about using own
>>> recursing DNS server
>>>
>>> - you you don't use DNS server of your ISP, google(8.8.8.8/8.8.4.4),
>>>   cloudflare(1.1.1.1) or quad-nine (9.9.9.9)
>>>
>>> look into your /etc/resolv.conf or SpamAssassin's configuration of
>>> "dns_server" (if there's none, /etc/resolv.conf is used).
>
> On 03.04.24 14:34, natan wrote:
>> cat /etc/resolv.conf
>> nameserver 127.0.0.1
>
> so apparently you only use locally installed DNS server which I assume
> is powerdns-recursor.
>
> I guess your powerdns-recursor is not configured to forward lookups to
> other DNS servers but your ISP still may redirect DNS lookups to its
> servers.
>
> How many mail does your machine process daily?
> spamhaus limits to about 100k lookups daily.
~200K
>
> according to SA docs:
>
> https://cwiki.apache.org/confluence/display/SPAMASSASSIN/DnsBlocklists
>
> since spamassassin 3.4 it should be enough to disable spamhaus lookups:
>
> dns_query_restriction deny spamhaus.org
>
> or probably split to these:
>
For test I add i local.cf
dns_query_restriction deny zen.spamhaus.org
dns_query_restriction deny dbl.spamhaus.org

> dns_query_restriction deny zen.spamhaus.org
> dns_query_restriction deny dbl.spamhaus.org
>
> (if you lates find out one of those would work)
>

--