Page 1 of 1
RBL check timeout bug?
Posted: 01 Nov 2017, 10:24
by marcele
On one of our servers when running csf --rbl <myemail> when I get the email it says:
RBL Check on web0.example.com: [860] failures
Everyone of the IPs has all the RBLs listed in red with no other text. I've manually gone to each of the RBLs and checked the IP addresses and none of them are listed.
I'm thinking that the RBL check times out after a while and silently fails, then sends out the email with the wrong results?
Re: RBL check timeout bug?
Posted: 01 Nov 2017, 10:26
by marcele
Also note that this server has about 20 different IP addresses assigned to it.
Re: RBL check timeout bug?
Posted: 21 Nov 2017, 16:42
by ForumAdmin
That would suggest problems with the output from the HOST command on the server.
You need to reverse the IP address being test and then append the RBL being used and test as follows (e.g. 1.2.3.4 on zen.spamhaus.org would look like):
Code: Select all
# host -t A 4.3.2.1.zen.spamhaus.org
Host 4.3.2.1.zen.spamhaus.org not found: 3(NXDOMAIN)
If you are seeing anything else then there's a problem and you need to quote the output. A positive hit would look like (e.g. 2.2.2.2 on zen.spamhaus.org would look like):
Code: Select all
# host -t A 2.2.2.2.zen.spamhaus.org
2.2.2.2.zen.spamhaus.org has address 127.0.0.11
If you're seeing a hit, then the text from the RBL (if available, not all provide it):
Code: Select all
# host -t TXT 2.2.2.2.zen.spamhaus.org
2.2.2.2.zen.spamhaus.org descriptive text "https://www.spamhaus.org/query/ip/2.2.2.2"
Re: RBL check timeout bug?
Posted: 01 Dec 2017, 10:35
by marcele
You were right. There was a wildcard DNS entry on the search domain that was causing this issue. Setting "search ." in /etc/resolv.conf fixed the issue.
Great catch!