Warnings for multi.uribl.com
564 views
Skip to first unread message
Stefan Arentz
Dec 24, 2016, 2:07:17 PM12/24/16
to rspamd
Hi there,
My mail.log is full of these messages:
2016-12-24 19:59:35 #1945(normal) <9ownwh>; monitored;
rspamd_monitored_dns_cb: DNS reply returned 'no error' for
multi.uribl.com while 'no records with this name' was expected
There was a hint earlier on this mailing list about some DNS servers not doing the right thing, or redirecting NXDOMAIN answers. So I switched to PowerDNS Recursor on localhost with Google DNS as a fallback but the same thing still happens. So I'm not sure if it is DNS related. It looks more directly related to the uribl.com service.
From the message it is unclear if this is serious or if I can ignore it. Or that is must be fixed.
Not sure what to do, help appreciated.
S.
ltyb...@gmail.com
Dec 25, 2016, 3:58:26 AM12/25/16
to rspamd
Use their own DNS, I was so resolved
在 2016年12月25日星期日 UTC+8上午3:07:17,Stefan Arentz写道:
hope this helps
在 2016年12月25日星期日 UTC+8上午3:07:17,Stefan Arentz写道:
Stefan Arentz
Dec 25, 2016, 10:41:53 AM12/25/16
to ltyb...@gmail.com, rspamd
Thanks for the suggestion. Like I wrote in my email, that is what I tried. It made no difference.
S.
--
You received this message because you are subscribed to a topic in the Google Groups "rspamd" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/rspamd/R5y3NI-epC8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to rspamd+unsubscribe@googlegroups.com.
Visit this group at https://groups.google.com/group/rspamd.
Andrew Lewis
Dec 25, 2016, 11:00:43 AM12/25/16
to rsp...@googlegroups.com
Hi Stefan,
Rspamd will use /all/ resolvers in resolv.conf (a second resolver is
not a fallback). You may want to configure resolvers explicitly:
https://rspamd.com/doc/configuration/options.html#dns-options
Best,
-AL.
Stefan Arentz
Dec 25, 2016, 11:54:10 AM12/25/16
to Andrew Lewis, rspamd
Something weird is going on with DNS. Like you suggested I explicitly configured dns like this:
dns {
timeout = 1s;
sockets = 16;
retransmits = 5;
nameserver = "8.8.8.8:5";
nameserver = "8.8.4.4:5";
}
(Thank you, I had not found that documentation yet)
But now when I restart rspamd, I see this:
2016-12-25 17:49:32 #18039(normal) <xa6qqy>; map; rspamd_map_dns_callback: cannot resolve rspamd.com
2016-12-25 17:49:32 #18039(normal) <xa6qqy>; map; rspamd_map_dns_callback: cannot resolve rspamd.com
2016-12-25 17:49:32 #18039(normal) <qwxppg>; map; rspamd_map_dns_callback: cannot resolve rspamd.com
2016-12-25 17:49:32 #18039(normal) <xa6qqy>; map; rspamd_map_dns_callback: cannot resolve rspamd.com
The same thing happens with I just use
nameserver = "127.0.0.1:10";
Which is most certainly a correctly working DNS resolver. I can confirm with dig @127.0.0.1 easily.
Question: the config talks about keeping sockets open to the DNS server. Does that mean rspamd talks TCP to DNS servers? I'm pretty sure my servers and Google's only support UDP queries.
S.
Vsevolod Stakhov
Dec 25, 2016, 12:00:18 PM12/25/16
to Stefan Arentz, Andrew Lewis, rspamd
8.8.8.8:5 is 8.8.8.8 port 5, which is clearly incorrect. It seems that
the documentation is broken here. For example,
https://rspamd.com/doc/configuration/upstream.html describes a sane DNS
setup where both port and priority are specified.
Furthermore, all public resolvers such as 8.8.8.8 are banned by SURBL so
that won't help to resolve your issue.
On 25/12/2016 16:54, Stefan Arentz wrote:
> Something weird is going on with DNS. Like you suggested I explicitly
> configured dns like this:
>
> dns {
> timeout = 1s;
> sockets = 16;
> retransmits = 5;
> nameserver = "8.8.8.8:5";
> nameserver = "8.8.4.4:5";
> }
>
> (Thank you, I had not found that documentation yet)
>
> But now when I restart rspamd, I see this:
>
> 2016-12-25 17:49:32 #18039(normal) <xa6qqy>; map;
> 2016-12-25 17:49:32 #18039(normal) <xa6qqy>; map;
> rspamd_map_dns_callback: cannot resolve rspamd.com <http://rspamd.com>
> 2016-12-25 17:49:32 #18039(normal) <qwxppg>; map;
> rspamd_map_dns_callback: cannot resolve rspamd.com <http://rspamd.com>
> 2016-12-25 17:49:32 #18039(normal) <xa6qqy>; map;
> rspamd_map_dns_callback: cannot resolve rspamd.com <http://rspamd.com>
>
> The same thing happens with I just use
>
> nameserver = "127.0.0.1:10 <http://127.0.0.1:10>";
> The same thing happens with I just use
>
>
> Which is most certainly a correctly working DNS resolver. I can confirm
> with dig @127.0.0.1 <http://127.0.0.1> easily.
> Which is most certainly a correctly working DNS resolver. I can confirm
>
> Question: the config talks about keeping sockets open to the DNS server.
> Does that mean rspamd talks TCP to DNS servers? I'm pretty sure my
> servers and Google's only support UDP queries.
>
> S.
>
>
> On Sun, Dec 25, 2016 at 11:00 AM, Andrew Lewis <rspam...@judo.za.org
> <mailto:rspam...@judo.za.org>> wrote:
>
>
> Hi Stefan,
>
> Rspamd will use /all/ resolvers in resolv.conf (a second resolver is
> not a fallback). You may want to configure resolvers explicitly:
> https://rspamd.com/doc/configuration/options.html#dns-options
> <https://rspamd.com/doc/configuration/options.html#dns-options>
>
> Best,
> -AL.
>
>
> --
> You received this message because you are subscribed to a topic in
> the Google Groups "rspamd" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/rspamd/R5y3NI-epC8/unsubscribe
> <https://groups.google.com/d/topic/rspamd/R5y3NI-epC8/unsubscribe>.
> Question: the config talks about keeping sockets open to the DNS server.
> Does that mean rspamd talks TCP to DNS servers? I'm pretty sure my
> servers and Google's only support UDP queries.
>
> S.
>
>
> On Sun, Dec 25, 2016 at 11:00 AM, Andrew Lewis <rspam...@judo.za.org
> <mailto:rspam...@judo.za.org>> wrote:
>
>
> Hi Stefan,
>
> Rspamd will use /all/ resolvers in resolv.conf (a second resolver is
> not a fallback). You may want to configure resolvers explicitly:
> https://rspamd.com/doc/configuration/options.html#dns-options
> <https://rspamd.com/doc/configuration/options.html#dns-options>
>
> Best,
> -AL.
>
>
> --
> You received this message because you are subscribed to a topic in
> the Google Groups "rspamd" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/rspamd/R5y3NI-epC8/unsubscribe
> To unsubscribe from this group and all its topics, send an email to
> rspamd+un...@googlegroups.com
> <mailto:rspamd%2Bunsu...@googlegroups.com>.
> Visit this group at https://groups.google.com/group/rspamd
> <https://groups.google.com/group/rspamd>.
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "rspamd" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to rspamd+un...@googlegroups.com
> <mailto:rspamd+un...@googlegroups.com>.
--
Vsevolod Stakhov
Stefan Arentz
Dec 25, 2016, 12:08:26 PM12/25/16
to Vsevolod Stakhov, Andrew Lewis, rspamd
On Sun, Dec 25, 2016 at 12:00 PM, Vsevolod Stakhov <vsev...@highsecure.ru> wrote:
8.8.8.8:5 is 8.8.8.8 port 5, which is clearly incorrect. It seems that
the documentation is broken here. For example,
https://rspamd.com/doc/configuration/upstream.html describes a sane DNS
setup where both port and priority are specified.
Furthermore, all public resolvers such as 8.8.8.8 are banned by SURBL so
that won't help to resolve your issue.
Right, that did the trick:
dns {
timeout = 2s;
sockets = 4;
retransmits = 5;
nameserver = "127.0.0.1";
}
No errors at startup and looksups to multi.uribl.com also works now.
Yeah that was confusing because https://rspamd.com/doc/configuration/options.html#dns-options clearly states that number after the server address is used to prioritize the requests.
My suggestion is to fix that and also not use Google DNS in the examples if those are not great choices. It is fairly simple to run your own DNS server, so I think the docs should just suggest to do that.
I'm happy to submit a pull request for documentation changes.
S.
Reply all
Reply to author
Forward
0 new messages