zen.spamhaus.org <https://www.dnsbl.info/dnsbl-details.php?dnsbl=zen.spamhaus.org> DNS blacklist doesn't seem to be resolving. This caused some email to bounce on a system because it couldn't lookup to see if an IP was on the RBL.
On Tue, Apr 20, 2021 at 07:34:51AM -0700, Jared Geiger via Outages <outages@outages.org> wrote a message of 35 lines which said:
zen.spamhaus.org <https://www.dnsbl.info/dnsbl-details.php?dnsbl=zen.spamhaus.org> DNS blacklist doesn't seem to be resolving.
It works fine for me. (But the incredible number of IP addresses for its name servers is a bit disconcerting.) Could you provide details? Precise request, actual DNS result? % dig A 192.0.1.1.zen.spamhaus.org ; <<>> DiG 9.11.5-P4-5.1+deb10u3-Debian <<>> A 192.0.1.1.zen.spamhaus.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11405 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION: ;192.0.1.1.zen.spamhaus.org. IN A ;; AUTHORITY SECTION: zen.spamhaus.org. 10 IN SOA need.to.know.only. hostmaster.spamhaus.org. ( 2104201507 ; serial 3600 ; refresh (1 hour) 600 ; retry (10 minutes) 432000 ; expire (5 days) 10 ; minimum (10 seconds) ) ;; Query time: 32 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Apr 20 17:08:12 CEST 2021 ;; MSG SIZE rcvd: 147
Seems to work here. Looking up something that is on DROP, it returns: dig -t A 0.176.58.2.zen.spamhaus.org ; <<>> DiG 9.11.5-P4-5.1+deb10u3-Debian <<>> -t A 0.176.58.2.zen.spamhaus.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13958 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;0.176.58.2.zen.spamhaus.org. IN A ;; ANSWER SECTION: 0.176.58.2.zen.spamhaus.org. 60 IN A 127.0.0.2 0.176.58.2.zen.spamhaus.org. 60 IN A 127.0.0.9 ;; Query time: 304 msec ;; SERVER: 1.1.1.2#53(1.1.1.2) ;; WHEN: Tue Apr 20 22:32:00 +07 2021 ;; MSG SIZE rcvd: 88 Looking up something that is clean returns NXDOMAIN, looking up something that is not clean returns the appropriate record. I think there is no AAAA, A, CNAME for zen.spamhaus.org itself.
participants (3)
-
Jared Geiger -
Michael Felden -
Stephane Bortzmeyer