URIBL_BLOCKED

Questions and answers about how to do stuff
Post Reply
BliXem
Posts: 80
Joined: 27 Mar 2017 19:17

URIBL_BLOCKED

Post by BliXem » 04 Aug 2017 23:20

Hello,

I'm noticing this:

0.00 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/Dns ... nsbl-block for more information.

I'm using hetzner VPS: http://blog.sourcepole.ch/2013/05/07/di ... massassin/

How can I resolve this?

User avatar
pdwalker
Posts: 1181
Joined: 18 Mar 2015 09:16

Re: URIBL_BLOCKED

Post by pdwalker » 05 Aug 2017 07:58

What DNS server are you using to resolve your DNS?

Does this DNS server forward the requests somewhere, or does it resolve the requests itself?

BliXem
Posts: 80
Joined: 27 Mar 2017 19:17

Re: URIBL_BLOCKED

Post by BliXem » 05 Aug 2017 09:56

Don't know for sure:

The server in question is running at Hetzner and 172.31.1.100 seems to be Hetzner’s front-end forwarding DNS server. Since we’re using Hetzner’s default DNS servers as most of their customers, it seems like the result is too many lookups to URIBL and in consequence URIBL blocking lookups from Hetzner’s.

They say this:

Why does my VM have the IP 172.31.1.100?
Or also:
Why does my VM have a different IP from the one shown in the Robot?
Why does my VM have a private IP?
With the CX models the IPv4 address of the virtual server is a private IP, which is configured 1:1 via NAT on the public IP. Currently the private IP is the same for all: 172.31.1.100. The public IP is displayed in the Robot.
Which network configuration must be done?
With an automatic installation, all the necessary changes have already been made for you and you can use the server right away.
With a custom installation, you need to change the network configuration yourself.
Change your network configuration (IPv4) as follows:
Static IP Address: 172.31.1.100
Netmask: 255.255.255.0
Default gateway: 172.31.1.1

So I think it's already done by them. So I need to turn it off via EFA-Configure?
Update: off/on doesn't matter. Same problem.

User avatar
pdwalker
Posts: 1181
Joined: 18 Mar 2015 09:16

Re: URIBL_BLOCKED

Post by pdwalker » 07 Aug 2017 06:27

Ok, normally the block lists limit the amount of requests per day. If you are using someone else's DNS server, then it is likely that that particular server has already made too many requests, thus the requests are blocked.

Instead, you need to configure EFA to use it's own forwarder to send the requests. Also, I am assuming that you have a fixed ip that is not shared/NAT'ed with other customers.

How do I know if it is working correctly? Simple, by making a request and looking at the results:
using google's public DNS server - fail.

Code: Select all

[root@efa ~]# host -t TXT 2.0.0.127.multi.uribl.com 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

2.0.0.127.multi.uribl.com descriptive text "127.0.0.1 -> Query Refused. See http://uribl.com/refused.shtml for more information [Your DNS IP: 74.125.41.66]"
using my own DNS server that does its own lookups - success

Code: Select all

[root@efa ~]# host -t TXT 2.0.0.127.multi.uribl.com 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:

2.0.0.127.multi.uribl.com descriptive text "permanent testpoint"
Have you turned on DNS recursion in your EFA settings? That is under IP Settings, DNS Recursion, Enabled

[edit:]

Ah, I see you have a private IP address, not a public one. That means you are sharing a public IP and it is likely that this ip could be making too many requests. You can try enabling the forwarding and run the test again to see if it makes any difference.

Otherwise, I'm afraid your only solutions are
a/ move your host to a place where you can get a public IP
b/ setup your own dns server with a public IP just so your efa instance can query it and use the RBLs.

Good luck!

Post Reply