Posted: 2018-04-20 09:22
by jimimaseye
I have windows DNS Server in use as a caching server and it forwards all its lookups.

Recently, I have now noticed that my Spamassassin URILBL are being blocked

	*  0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
	*       See
	*      for more information.
I know diddly about implementing the DNS Server beyond that of the forwarding server it is now.

Can anyone guide me on how to either

a, take a mirror of the DNS lookups and store them local to my server so it doesn't have to look up each query directly every time (preferable) OR
b, something else without saying anything that is similar to "use [non-windows DNS server Here]"


Posted: 2018-04-20 09:28
by RvdH
Use a conditional forwarder? E.g., not using your ISP DNS but do the lookup yourself so it doesn't reach the hit limit ... redns.html

Posted: 2018-04-20 09:52
by mattg
I think that you need to make your windows DNS server non-caching

modify this registry entry:

KEY Name: HKLM\System\CurrentControlSet\Services\DNS\Parameters
Entry Name: MaxCacheTtl
Value: 0x15180 (this is the default value)

To disable the caching completely on DNS Server, set the value of MaxCacheTtl to 0x0.

Posted: 2018-04-20 10:45
by jimimaseye
Cheers Ruud - that looks like the solution. I shall try it over the weekend.

@Matt: presumably if I turned off caching then it would continue to forward the requests (my DNS Server is not a mirror, it is a forwarding caching server only). I think the issue is that my server forwards requests to my ISP server which, along with all its other users, is then exceeding its allowed limit with (as all the links that it looks up are unlikely to be repeated in multiple emails, the 'caching' element for these lookups is largely useless). So making my server do the lookup directly (as Ruud/Jam Guide has explained) will hopefully register my individual address on as the requesting IP, which will be just a (comparatively) few a day instead of the thousands (or millions) that the ISP's DNS servers do.

Posted: 2018-04-21 00:56
by jimimaseye
So I've added the records, one each for the entries:

and it has stopped the problem. (Thanks again Ruud).

The only thing I wonder is how often the IP addresses behind the above entries change (when you enter it into the system it resolves the FQDN entry as entered above into the current IP address and stores that instead). Hopefully rarely or never, otherwise eventually the lookups will all stop working. (Unfortunately the Conditional Forwarding feature in Windows DNS Server doesn't let you simply enter the FQDN and have them resolve or update automatically.)
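The concern in the last post, that Windows stores the conditional forwarder's master servers as fixed IPs, can be handled with a small scheduled script that re-resolves the nameserver hostnames and updates the zone when they change. The script below is an added example, not code from this thread or from hMailServer or Microsoft; the zone name and nameserver hostnames are placeholders to replace with the URIBL entries you configured, and the resolver address is an assumption.

```powershell
# Added example (not from the forum thread): re-resolve the nameserver
# hostnames behind a Windows DNS conditional forwarder and update the
# stored master IPs if they changed. Requires the DnsServer module
# (DNS role or RSAT) and an elevated shell.
Import-Module DnsServer

# Placeholder mapping: conditional-forwarder zone -> the nameserver
# hostnames you typed into the DNS console. Replace with your real entries.
$Forwarders = @{
    'rbl.example.invalid' = @('ns1.rbl.example.invalid', 'ns2.rbl.example.invalid')
}
# Resolver used for the hostname lookups (assumption: the local DNS server,
# which already has the forwarder; any resolver you trust will do).
$Resolver = '127.0.0.1'

foreach ($zone in $Forwarders.Keys) {
    $existing = Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue
    if (-not $existing -or $existing.ZoneType -ne 'Forwarder') {
        Write-Warning "Zone $zone is not a conditional forwarder on this server; skipping"
        continue
    }
    # Resolve each nameserver hostname to its current A records.
    $current = foreach ($ns in $Forwarders[$zone]) {
        try {
            (Resolve-DnsName -Name $ns -Type A -Server $Resolver -ErrorAction Stop |
                Where-Object { $_.Type -eq 'A' }).IPAddress
        } catch {
            Write-Warning "Could not resolve $ns via ${Resolver}: $_"
        }
    }
    $current = @($current | Sort-Object -Unique)
    if ($current.Count -eq 0) {
        # Never wipe the master list on a failed lookup; keep what works.
        Write-Warning "No addresses resolved for $zone; keeping existing master servers"
        continue
    }
    $stored = @($existing.MasterServers | ForEach-Object { $_.IPAddressToString } | Sort-Object -Unique)
    if (($stored -join ',') -ne ($current -join ',')) {
        Write-Output "Updating $zone masters: $($stored -join ',') -> $($current -join ',')"
        Set-DnsServerConditionalForwarderZone -Name $zone -MasterServers $current
    } else {
        Write-Output "$zone masters unchanged ($($current -join ','))"
    }
}
```

Run it from a daily scheduled task; the output lines give you a log of when the blocklist's nameserver addresses actually moved.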