Subject: Re: [courier-users] DNS lookup blacklist
From: Sam Varshavchik (mrs@courier-mta.com)
Date: Jan 16, 2008 3:27:40 pm
List: net.sourceforge.lists.courier-users

Lisa Muir writes:

I've been adding dns blacklists through the courier webadmin with great results. Wanted to add lashback to the list, and found this in their info:

if you wish to check whether 192.168.1.100 is listed in the UBL, you would perform a DNS lookup on 100.1.168.192.ubl.unsubscore.com

Is this how the web configured DNS blacklists work or do they simply

They all work this way.

make a reverse DNS lookup on the IP address? I was hoping to migrate the blacklist lookups to a localhost BIND and effectively use it as a proxy for courier to make one single rdns lookup on, but if they all operate like lashback, then that's not going to work with multiple dnsbl's

Why not? It'll work just fine. Of course, it will get slow. Once you get beyond 3-4 DNSBLs, the server will spend a noticeable amount of time waiting for remote DNS queries to come back.

The usual solution is to make arrangements with your DNSBL's operators to let your nameservers do zone transfers, rather than ad-hoc queries. This will effectively keep your DNS lookups local, and each check essentially translates to a rather fast database dip. You can't expect it to get faster than that.
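
The lookup discussed in this thread, as an added example that is not part of the original messages or of Courier's code: it builds the query name for each DNSBL zone and makes one A lookup per zone, which is where the per-list waiting time comes from. Assumptions: `dnsbl.example.org` is a hypothetical second list, the resolver data is constructed so the example runs offline, an answer in 127.0.0.0/8 is taken to mean "listed", and the IPv6 form goes beyond what the thread covers.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Reverse the address labels and append the DNSBL zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))      # octets, last first
    else:
        # Goes beyond the thread: IPv6 uses 32 reversed hex nibbles.
        labels = reversed(addr.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone.strip(".")

def system_resolver(name):
    """A records for name via the system resolver; [] if none.
    Assumption: a failed lookup is treated like 'not listed'."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_dnsbls(ip, zones, resolve=system_resolver):
    """One A lookup per zone; an answer in 127.0.0.0/8 means listed."""
    hits = {}
    for zone in zones:
        codes = [a for a in resolve(dnsbl_query_name(ip, zone))
                 if a.startswith("127.")]
        if codes:
            hits[zone] = codes
    return hits

# Constructed zone data standing in for DNS, so the example runs offline.
# dnsbl.example.org is a hypothetical second list.
FAKE_RECORDS = {"100.1.168.192.ubl.unsubscore.com": ["127.0.0.2"]}
ZONES = ["ubl.unsubscore.com", "dnsbl.example.org"]

def fake_resolver(name):
    return FAKE_RECORDS.get(name, [])

if __name__ == "__main__":
    for ip in ("192.168.1.100", "192.168.1.101"):
        print(ip, check_dnsbls(ip, ZONES, resolve=fake_resolver))
```

With the default `system_resolver`, the same code queries whatever nameserver the host is configured to use, so a local nameserver holding transferred zones answers without any change here.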