You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2005/02/17 21:49:51 UTC
Re: Continued problems with RBL
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Austin Weidner writes:
> > 127.0.0.2 is the standard answer that Spamcop gives if the requested
> > address is in its list. If the address is not in its list, if returns
> > a NOT FOUND. So it looks like you are right in that the problem is not
> > access-related. Do you have a "dns_available" entry in your
> > /etc/mail/spamassassin/local.cf file?
>
> Kevin,
> Initially I did not have a dns_available entry. Then, when I found out the
> DNS was timing out at 15 seconds, all my spamassassin scans were taking 20+
> seconds. So I added a dns_available no entry. This made my scans go down to
> less than a second, but obviously not using any outside tests.
>
> HOWEVER, for testing purposes I have been commenting that out so it acts
> like a default config (and then restarting SA). I have tried both no entry
> and dns_available yes... neither with any success.
>
> I think SA uses Net::DNS when it checks all the blacklists. We've proved NS
> lookup works so there is no problem there, so I think the problem is
> something with Net::DNS. Any other tips, I would sure appreciate it!
1. there have been some reports that Net::DNS will only look at the very
first nameserver listed in /etc/resolv.conf. Have you checked how long
that takes to look up a (non-cached!) record?
2. I know you're not using Comcast's nameservers ;) but FWIW, I had to
stop using them since they would regularly time out, even on routine
web-browsing queries. I instead run my own root-querying named locally
now as a result. Many large, inept ISPs have this problem.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFCFQNvMJF5cimLx9ARArgcAJ9LZD2Xzt07QEgWBvfXcSD1asIEvwCfWWQ5
QPLSOsGbU7jkvfj06RMBfdU=
=XHV1
-----END PGP SIGNATURE-----
RE: Continued problems with RBL
Posted by Austin Weidner <we...@comcast.net>.
> 1. there have been some reports that Net::DNS will only look at the very
> first nameserver listed in /etc/resolv.conf. Have you checked how long
> that takes to look up a (non-cached!) record?
I tried switching the order of the nameservers, no luck. Tried adding a new
nameserver (public nameserver), lo luck. Still getting:
---------
debug: RBL: success for 0 of 12 queries
debug: DNS: timeout for rfci_envfrom after 20 seconds
debug: DNS: timeout for NO_DNS_FOR_FROM after 20 seconds
---------
Does Net::DNS even look in resolv.conf? There seems to be some links to a
file called ".resolv.conf". I wonder if Net::DNS isn't even looking there?