From email at ace.net.au Fri Feb 9 06:28:47 2024
From: email at ace.net.au (Peter)
Date: Fri, 09 Feb 2024 16:58:47 +1030
Subject: Any new techniques?
In-Reply-To:
References: <11375BD8FE838A409E10DB32B9BFFE9BAB7262@addc01.assuredata.local>
Message-ID: <202402091658470728.0479027F@mail2.ace.net.au>

Hi, Can anyone provide some notes on adding rbldnsd zones to unbound?

I have been having trouble running bind and rbldnsd on the same server, so
thought I would try unbound. The notes I have so far found for both
rbldnsd and unbound are scarce and I haven't found anything useful about
the two together.

My rbldnsd is working well on a separate server to bind, but I would like
to delete a server. I think it's updated security on recent bind versions
that is the problem.

Any help or pointers appreciated.


*********** REPLY SEPARATOR ***********

On 16/02/2015 at 1:56 PM C. Jon Larsen wrote:

>> Also, Is there a way to create your own on-server URIBL, that way as
>> soon as an email comes in with a URL that was not detected by the
>> official URIBL, I could create a small program to add it locally?
>
>yes, you can install the rbldnsd package and serve your own uri dbls right
>out of it via a simple text file. Setup SA rules to query it, and you are
>set. We use unbound dns caches to lessen the dns query load so another
>step for us is to point the caches at the rbl instance via unbound dns
>static routes.
>
>
>> Thanks,
>> Max
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!

From mailscanner-list at okla.com Fri Feb 9 14:13:18 2024
From: mailscanner-list at okla.com (Tracy Greggs)
Date: Fri, 09 Feb 2024 14:13:18 +0000
Subject: Any new techniques?
In-Reply-To: <202402091658470728.0479027F@mail2.ace.net.au>
References: <11375BD8FE838A409E10DB32B9BFFE9BAB7262@addc01.assuredata.local> <202402091658470728.0479027F@mail2.ace.net.au>
Message-ID:

I've been running rbldnsd and bind on the same server for years.

I created a fake zone, ie clients.blocked.rbl and have rbldnsd
listening on port 530 instead of 53

I create a forward zone in bind for clients.blocked.rbl

zone "clients.blocked.rbl" IN {
        type forward;
        forward first;
        forwarders { 127.0.0.1 port 530; };
};

And rbldnsd.wrapper

 RBLDNSD='- -r /var/lib/rbldns -l rbldnsd.log -b 127.0.0.1/530 clients.blocked.rbl:dnset:nrd,iats,udrp'

I have, dnssec-validation no;

I'm running on Ubuntu 20.04 LTS but this should be the same on any
distro really.

Good luck.

From rodney at rcrcomputing.com Fri Feb 9 17:05:09 2024
From: rodney at rcrcomputing.com (Rodney Richison)
Date: Fri, 9 Feb 2024 11:05:09 -0600
Subject: Any new techniques?
In-Reply-To:
References: <11375BD8FE838A409E10DB32B9BFFE9BAB7262@addc01.assuredata.local> <202402091658470728.0479027F@mail2.ace.net.au>
Message-ID: <1929b8da-3eef-47a7-ac45-2efe970b2d27@rcrcomputing.com>

Know nothing about unbound.

I had a big issue awhile back getting rbldnsd to run after upgrading to
focal. Here's what I did in case it is helpful.

I had to hold back the rbldnsd package to previous version.
 apt-mark hold rbldnsd
Then upgraded to focal.
    It did honor it! Now have the previous version after upgrading and all is well.
    Still had to add this to get bind dns back up.
    Open /etc/bind/named.conf.options and add:
    dnssec-enable yes;
    dnssec-validation no;

################## Notes on testing rbldnsd ########################
To test rbldnsd:
See if listening on port.
netstat -anpe|grep rbldns

Test rbldnsd  REVERSE IP OCTETS
dig @127.0.0.1 -p 530 13.132.68.51.rcr24.local.rbl
Answer section will be 127.0.0.2

Test bind  REVERSE IP
dig @127.0.0.1 13.132.68.51.rcr24.local.rbl
Answer section will be 127.0.0.2
dig @127.0.0.1 13.132.68.51.rcr24.local.rbl -t txt
Answer section will be something like this:    Address 51.68.132.13 listed on rcr24 Wed 10 Jan 2024 11:45:16 AM CST

You can repeat the test with 'dig drugstore.com.hosts.blocked.rbl' to test a host block.
You should get similar results.
############################################################################################

-- 
Stop and THINK before clicking a link or opening attachments.

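An added example, not part of any message in this thread: a POSIX shell helper that automates the dig checks from Rodney Richison's testing notes, building the reversed-octet query name and classifying the answer. The function names are hypothetical; the zone, address and port in the usage comments are the ones quoted in the notes.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# rbl_qname IPV4 ZONE: print the reversed-octet query name, e.g.
# 51.68.132.13 in rcr24.local.rbl -> 13.132.68.51.rcr24.local.rbl
rbl_qname() {
    ip=$1 zone=$2
    # Only digits and single dots, no leading or trailing dot.
    case $ip in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip            # split on dots; $1..$4 are now the octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.%s\n' "$4" "$3" "$2" "$1" "$zone"
}

# rbl_verdict ANSWER: classify the first line of `dig +short` output.
# A listed entry answers with a 127.x address (127.0.0.2 in the notes).
# An empty answer means no A record came back: normally "not listed",
# but +short also prints nothing on SERVFAIL, so confirm with full
# dig output when the resolver path itself is in doubt.
rbl_verdict() {
    case $1 in
        127.*) echo listed ;;
        '')    echo not-listed ;;
        *)     echo unexpected ;;   # e.g. dig's timeout message
    esac
}

# rbl_check IPV4 ZONE SERVER [PORT]: run one lookup and report the verdict.
rbl_check() {
    name=$(rbl_qname "$1" "$2") || { echo "bad IPv4 address: $1" >&2; return 2; }
    answer=$(dig +short +time=2 +tries=1 @"$3" -p "${4:-53}" "$name" A | head -n 1)
    printf '%s @%s#%s: %s\n' "$name" "$3" "${4:-53}" "$(rbl_verdict "$answer")"
}

# Usage, with the values from the notes:
#   rbl_check 51.68.132.13 rcr24.local.rbl 127.0.0.1 530   # rbldnsd directly
#   rbl_check 51.68.132.13 rcr24.local.rbl 127.0.0.1       # through the BIND forward zone
```

If the first call reports listed and the second does not, rbldnsd is serving the zone and the fault is in the resolver's forwarding or DNSSEC validation settings.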
From kenneth at khansen-it.dk Fri Feb 16 21:22:33 2024
From: kenneth at khansen-it.dk (Kenneth Hansen)
Date: Fri, 16 Feb 2024 21:22:33 +0000 (UTC)
Subject: Spamhaus DQS and MailScanner
Message-ID: <48-65cfd200-3-5a95e000@242006210>

Hi all

I hope to find a little help as I am unable to find out how to configure
MailScanner to use the SpamHaus DQS service instead of the open one, as my
system is running on OVHCloud and they are blocked due to being an "open
relay" in terms of the DNS lookups.

I tried adjusting the spam.lists.conf file, but it did not seem to change
and it seems the only place I could find where the lists are configured