Posted to users@spamassassin.apache.org by Nicola Piazzi <Ni...@gruppocomet.it> on 2016/10/17 13:00:08 UTC

rbldnsd

Does someone use rbldnsd to create a personal RBL?
I am unable to bind to port 53 (and other ports).

I start it and it tells me that it binds:

[root@EFALIST rbldnsd]# ./start.sh
rbldnsd: listening on ::1/53
rbldnsd: listening on 127.0.0.1/53
rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2
rbldnsd: zones reloaded, time 0.0e/0.0u sec, mem arena=284 free=131 mmap=0 Kb
rbldnsd: rbldnsd version 0.998 (05 Dec 2015) started (2 socket(s), 1 zone(s))

But when I scan this host I find open only ports that belong to other services, and not 53:

[root@EFALIST ~]#  nmap -sT -O localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2016-10-17 14:56 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000052s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 997 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
23/tcp open  telnet
25/tcp open  smtp
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:



Re: rbldnsd

Posted by Antony Stone <An...@spamassassin.open.source.it>.
On Monday 17 October 2016 at 17:14:18, Bill Cole wrote:

> On 17 Oct 2016, at 9:04, Antony Stone wrote:
> > DNS runs over UDP, not TCP.
> 
> True AND false.

Agreed; thanks for the detailed clarification, however I was answering a 
question specifically about rbldnsd.

> A DNS server that does not speak TCP is not a complete DNS server. It
> may be adequate for purpose (a DNSBL may never have any answer larger
> than 512 bytes, for example) but that's a different thing.

Indeed.


Antony.

-- 
Users don't know what they want until they see what they get.

                                                   Please reply to the list;
                                                         please *don't* CC me.

Re: rbldnsd

Posted by Bill Cole <sa...@billmail.scconsult.com>.
On 17 Oct 2016, at 9:04, Antony Stone wrote:

> DNS runs over UDP, not TCP.

True AND false.

Most DNS queries can be answered in a single UDP packet and so most 
queries are tried over UDP first. Traditionally, DNS answers over UDP 
were limited to 512 bytes, although modern extensions typically allow 
responses that fill a traditional Ethernet frame (1500 bytes, possibly 
reduced by intermediary VLAN tags or other constraints). Some answers 
are too long for whatever limit is in effect and so are sent in 
truncated form with the DNS 'truncated' flag set. Usually a client will 
then retry the query via TCP to get a complete reliable answer. In 
addition, all zone transfers are done over TCP.

A DNS server that does not speak TCP is not a complete DNS server. It 
may be adequate for purpose (a DNSBL may never have any answer larger 
than 512 bytes, for example) but that's a different thing.

Re: R: rbldnsd

Posted by Axb <ax...@gmail.com>.
This is OT on this list.


here is all the info:

http://www.corpit.ru/mjt/rbldnsd/rbldnsd.8.html

if you need more hand holding, please use the rbldnsd list




On 10/17/2016 03:18 PM, Nicola Piazzi wrote:
> Thanks Antony
> The service works, but now how can I address a query to this server?
> And how must the service name "test" be inserted in the query?
> usr/sbin/rbldnsd -n -b localhost/53 test:ip4tset:/rbldnsd/test.txt
>
>
> Nicola Piazzi
> CED - Sistemi
> COMET s.p.a.
> Via Michelino, 105 - 40127 Bologna – Italia
> Tel.  +39 051.6079.293
> Cell. +39 328.21.73.470
> Web: www.gruppocomet.it
>
>
>
> -----Original Message-----
> From: Antony Stone [mailto:Antony.Stone@spamassassin.open.source.it]
> Sent: Monday 17 October 2016 15:04
> To: users@spamassassin.apache.org
> Subject: Re: rbldnsd
>
> On Monday 17 October 2016 at 15:00:08, Nicola Piazzi wrote:
>
>> Does someone use rbldnsd to create a personal RBL?
>> I am unable to bind to port 53 (and other ports).
>
> Oh?
>
>> I start it and it tells me that it binds:
>>
>> [root@EFALIST rbldnsd]# ./start.sh
>> rbldnsd: listening on ::1/53
>> rbldnsd: listening on 127.0.0.1/53
>
> So, it's listening on port 53, both IPv4 and IPv6.
>
>> rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2
>> rbldnsd: zones reloaded, time 0.0e/0.0u sec, mem arena=284 free=131
>> mmap=0 Kb rbldnsd: rbldnsd version 0.998 (05 Dec 2015) started (2
>> socket(s), 1
>> zone(s))
>
> Looks happy to me.
>
>> But when I scan this host I find open only ports that belong to
>> other services, and not 53:
>>
>> [root@EFALIST ~]#  nmap -sT -O localhost
>
> Try U instead of T.
>
> DNS runs over UDP, not TCP.
>
>
> Antony.
>
> --
> I wasn't sure about having a beard at first, but then it grew on me.
>
>                                                    Please reply to the list;
>                                                          please *don't* CC me.
>



Re: R: rbldnsd

Posted by RW <rw...@googlemail.com>.
On Mon, 17 Oct 2016 13:18:23 +0000
Nicola Piazzi wrote:

> Thanks Antony
> The service works, but now how can I address a query to this server?
> And how must the service name "test" be inserted in the query?

There are plenty of examples in the stock rules.
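The two technical points raised in this thread, as an added worked example that is not from any of the posters, from the stock SpamAssassin rules or from rbldnsd itself: how a DNSBL lookup names the address (the usual DNSBL convention is the reversed IPv4 octets under the list zone, so 127.0.0.2 in a zone called "test" is queried as 2.0.0.127.test), and the UDP-first behaviour Bill Cole describes, where a reply carrying the TC bit is repeated over TCP with the 2-byte length prefix that DNS over TCP requires. The zone name "test", the listing value 127.0.0.2, the query id and the udp_send/tcp_send transport functions are constructed for the demo so that it runs offline; a real client would replace the two transports with sockets to the rbldnsd host.

```python
import struct

FLAG_QR, FLAG_TC, FLAG_RD, FLAG_RA = 0x8000, 0x0200, 0x0100, 0x0080  # RFC 1035 header bits
QTYPE_A, QCLASS_IN = 1, 1

def dnsbl_qname(ip, zone):
    """DNSBL convention: reversed IPv4 octets under the list zone (127.0.0.2 -> 2.0.0.127.test)."""
    octets = ip.split(".")
    if len(octets) != 4:
        raise ValueError("IPv4 address expected: %r" % ip)
    return ".".join(reversed(octets)) + "." + zone.strip(".")

def encode_name(name):
    """Wire-format a name as length-prefixed labels ending in 0x00."""
    out = b""
    for label in name.strip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(qname, qid=0x1234):
    """One A query, recursion desired, no EDNS: fits one UDP packet."""
    header = struct.pack("!HHHHHH", qid, FLAG_RD, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", QTYPE_A, QCLASS_IN)

def tcp_frame(msg):
    """Over TCP each DNS message carries a 2-byte big-endian length prefix."""
    return struct.pack("!H", len(msg)) + msg

def decode_name(data, offset):
    """Read a possibly compressed name; return (name, offset after it)."""
    labels, end = [], None
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            end = end if end is not None else offset + 2
            offset = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)

def parse_response(data):
    """Return id, rcode, the TC bit and the A records in the answer section."""
    qid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    reply = {"id": qid, "rcode": flags & 0xF,
             "truncated": bool(flags & FLAG_TC), "answers": []}
    offset = 12
    for _ in range(qd):  # skip the echoed question(s)
        _, offset = decode_name(data, offset)
        offset += 4
    for _ in range(an):
        name, offset = decode_name(data, offset)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[offset:offset + 10])
        offset += 10
        rdata = data[offset:offset + rdlen]
        offset += rdlen
        if rtype == QTYPE_A and rdlen == 4:
            reply["answers"].append((name, ".".join(str(b) for b in rdata)))
    return reply

def dnsbl_lookup(ip, zone, udp_send, tcp_send, qid=0x1234):
    """UDP first; if the server set TC, repeat the same query over TCP.
    udp_send/tcp_send are injected transports so this runs offline."""
    query = build_query(dnsbl_qname(ip, zone), qid)
    reply = parse_response(udp_send(query))
    if reply["id"] != qid:
        raise ValueError("response id does not match query")
    if reply["truncated"]:
        framed = tcp_send(tcp_frame(query))
        length = struct.unpack("!H", framed[:2])[0]
        reply = parse_response(framed[2:2 + length])
    return reply

def build_response(query, addresses, truncated=False):
    """Constructed server side: echo the question, then TC with no answers or one A record per address."""
    qid = struct.unpack("!H", query[:2])[0]
    flags = FLAG_QR | FLAG_RD | FLAG_RA | (FLAG_TC if truncated else 0)
    records = [] if truncated else addresses
    msg = struct.pack("!HHHHHH", qid, flags, 1, len(records), 0, 0) + query[12:]
    for addr in records:  # name is a pointer to the question name at offset 12
        msg += b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 300, 4)
        msg += bytes(int(o) for o in addr.split("."))
    return msg

def run_demo():
    """Constructed scenario: UDP reply truncated, TCP retry returns 127.0.0.2 (assumed listing value)."""
    listed = ["127.0.0.2"]
    def udp_send(query):
        return build_response(query, listed, truncated=True)
    def tcp_send(framed):
        length = struct.unpack("!H", framed[:2])[0]
        return tcp_frame(build_response(framed[2:2 + length], listed))
    return dnsbl_lookup("127.0.0.2", "test", udp_send, tcp_send)
```

The same UDP/TCP distinction explains the scan in the first post: nmap -sT is a TCP connect scan, so a listener that only accepts UDP never shows up in it, and nmap -sU is the scan that matches the transport Antony points to.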

R: rbldnsd

Posted by Nicola Piazzi <Ni...@gruppocomet.it>.
Thanks Antony
The service works, but now how can I address a query to this server?
And how must the service name "test" be inserted in the query?
usr/sbin/rbldnsd -n -b localhost/53 test:ip4tset:/rbldnsd/test.txt


Nicola Piazzi
CED - Sistemi
COMET s.p.a.
Via Michelino, 105 - 40127 Bologna – Italia
Tel.  +39 051.6079.293
Cell. +39 328.21.73.470
Web: www.gruppocomet.it



-----Original Message-----
From: Antony Stone [mailto:Antony.Stone@spamassassin.open.source.it]
Sent: Monday 17 October 2016 15:04
To: users@spamassassin.apache.org
Subject: Re: rbldnsd

On Monday 17 October 2016 at 15:00:08, Nicola Piazzi wrote:

> Does someone use rbldnsd to create a personal RBL?
> I am unable to bind to port 53 (and other ports).

Oh?

> I start it and it tells me that it binds:
> 
> [root@EFALIST rbldnsd]# ./start.sh
> rbldnsd: listening on ::1/53
> rbldnsd: listening on 127.0.0.1/53

So, it's listening on port 53, both IPv4 and IPv6.

> rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2
> rbldnsd: zones reloaded, time 0.0e/0.0u sec, mem arena=284 free=131 
> mmap=0 Kb rbldnsd: rbldnsd version 0.998 (05 Dec 2015) started (2 
> socket(s), 1
> zone(s))

Looks happy to me.

> But when I scan this host I find open only ports that belong to
> other services, and not 53:
> 
> [root@EFALIST ~]#  nmap -sT -O localhost

Try U instead of T.

DNS runs over UDP, not TCP.


Antony.

--
I wasn't sure about having a beard at first, but then it grew on me.

                                                   Please reply to the list;
                                                         please *don't* CC me.

Re: rbldnsd

Posted by Antony Stone <An...@spamassassin.open.source.it>.
On Monday 17 October 2016 at 15:00:08, Nicola Piazzi wrote:

> Does someone use rbldnsd to create a personal RBL?
> I am unable to bind to port 53 (and other ports).

Oh?

> I start it and it tells me that it binds:
> 
> [root@EFALIST rbldnsd]# ./start.sh
> rbldnsd: listening on ::1/53
> rbldnsd: listening on 127.0.0.1/53

So, it's listening on port 53, both IPv4 and IPv6.

> rbldnsd: ip4tset:/rbldnsd/test.txt: 20161017 101633: cnt=2
> rbldnsd: zones reloaded, time 0.0e/0.0u sec, mem arena=284 free=131 mmap=0
> Kb rbldnsd: rbldnsd version 0.998 (05 Dec 2015) started (2 socket(s), 1
> zone(s))

Looks happy to me.

> But when I scan this host I find open only ports that belong to other
> services, and not 53:
> 
> [root@EFALIST ~]#  nmap -sT -O localhost

Try U instead of T.

DNS runs over UDP, not TCP.


Antony.

-- 
I wasn't sure about having a beard at first, but then it grew on me.

                                                   Please reply to the list;
                                                         please *don't* CC me.