ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

RBL check is incorrectly checking Cloudflare IP's

https://mail.forum.configserver.com/viewtopic.php?t=12795

Page 1 of 1

RBL check is incorrectly checking Cloudflare IP's

Posted: 03 Apr 2023, 13:46
by opshelp
Hello,

We have a user getting the following emails from CSF:

Code: Select all

Subject: RBL Check on REDACTED: [5] failures
From: <root@REDACTED>
Date: 02/04/2023, 00:00
To: REDACTED
Checked 185.XX.XX.XXX (PUBLIC) on Sun Apr 2 00:00:02 2023
cbl.abuseat.org Error: open resolver; https://www.spamhaus.org/returnc
/pub/172.71.241.6
noptr.spamrats.com TIMEOUT
pbl.spamhaus.org Error: open resolver; https://www.spamhaus.org/returnc
/pub/172.70.161.130
sbl.spamhaus.org Error: open resolver; https://www.spamhaus.org/returnc
/pub/172.70.88.211
xbl.spamhaus.org Error: open resolver; https://www.spamhaus.org/returnc
/pub/172.71.177.38
zen.spamhaus.org Error: open resolver; https://www.spamhaus.org/returnc
/pub/172.71.241.37
I'm unsure why CSF is checking those Cloudflare IP's against the RBL's. The servers hostname does not resolve to Cloudflare:

Code: Select all

$ dig +short REDACTED A
185.XX.XX.XXX
Given CSF says `Checked 185.XX.XX.XXX`, does anyone know why it's checking the Cloudflare IP's?

Thank you

Re: RBL check is incorrectly checking Cloudflare IP's

Posted: 04 Apr 2023, 12:00
by opshelp
This looks like a bug when the server is using Cloudflare's resolvers (

Code: Select all

nameserver 1.1.1.1
in

Code: Select all

/etc/resolv.conf
Changing these to alternative resolvers has stopped CSF from checking CF IP's against RBL's
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited