Heads up for spamhaus.org problems

DAve dave.list at pixelhammer.com
Tue Aug 21 04:05:55 IST 2007 

Richard Potter wrote:
> On Mon, Aug 20, 2007 at 11:34:05PM +0200, Alex Broens wrote:
> 
>> On 8/20/2007 11:22 PM, Tim Boyer wrote:
>>> On Sun, 19 Aug 2007 22:02:01 -0400, Richard Potter <rpotter at rpcs.net> 
>>> wrote:
>>>
>>>> On Mon, Aug 20, 2007 at 12:34:23AM +0200, Raymond Dijkxhoorn wrote:
>>>>
>>>>>> Just doing a routine check here, and I have a few mail servers 
>>>>>> misbehaving. It
>>>>>> *appears* sendmail dnsbl to zen.spamhaus.org is timing out, and causing 
>>>>>> mail
>>>>>> delivery delays, or none at all.
>>>>>>
>>>>>> I'm going to discontinue spamhaus, and see what happens.
>>>>> Buy rsync from them. Most likely you fire a lot of lookups on their 
>>>>> servers and they started to ban high volume mailservers some time ago.
>>>>> We have seen this in a lot of places allready.
>>>>>
>>>>> May i ask how much mail are you processing daily?
>>>> Thanks for the reply Raymond.. I wasn't aware they were doing that. These
>>>> are low volume servers, less than 2,000 messages per day. Does that count
>>>> as "high volume" to spamhaus?
>>>>
>>>> Richard
>>> "Use of the Spamhaus DNSBLs via DNS queries to our public DNSBL mirrors is 
>>> free
>>> for low-traffic mail servers serving less than 100 users. Use of the 
>>> Spamhaus
>>> DNSBLs by commercial or corporate networks, ISPs and ESPs, requires a
>>> subscription to Spamhaus's Data Feed service."
>>>
>>> I'd be shocked if 2,000 messages per day counts as high volume.  That's 20
>>> emails per person per day.
>> no need to be shocked :-)
>>
>> Spamhaus can't block your mail server from doing queries - it blocks 
>> your DNS' access to the root zone - so if you use a DNS which is 
>> querying Xmillion queries/day and your server is only doing 10000/day 
>> then the rest of the X/million+your 10000 makes he count which rates a 
>> block.
> 
> 
> You are exactly right. I was told that off list. I switched the two 
> boxes to an alternative DNS server, and spamhaus worked again.
> 
> I'm not sure why I didn't figure that out on my own. I actually 
> knew/should have known that. It was Sunday, and I might have had a 
> few beers! :-)
> 
> Richard

Are you using a caching server? Possibly it's not the 2000 queries a day 
they block, but the 10,000 needlessly repeated queries from the same DNS 
server.

DAve

-- 
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?

Maybe they forgot who made that choice possible.

More information about the MailScanner mailing list