[prev in list] [next in list] [prev in thread] [next in thread]
List: spamassassin-devel
Subject: [Bug 6075] dnsbl checks time out
From: bugzilla-daemon () issues ! apache ! org
Date: 2009-02-28 10:44:07
Message-ID: 20090228104407.901F1234C4A8 () brutus ! apache ! org
[Download RAW message or body]
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6075
--- Comment #7 from Elsa Andrés <e.andres@ist-sci.com> 2009-02-28 02:44:06 PST ---
(In reply to comment #6)
> I had a raw (binary) packet capture in mind. The textual summary
> can cover interesting details, which might be important.
> But it will do for now. It seems the queries are sent, but replies
> are not coming back (assuming you left the capture running
> sufficiently long time after running spamassassin, say a minute).
Yes, no reply.
Strange thing is that making single queries, I get a reply from dns server:
***
host 213.21.195.128.zen.spamhaus.org
Host 213.21.195.128.zen.spamhaus.org not found: 3(NXDOMAIN)
***
and tcpdump...
***
11:27:00.621787 IP 10.0.0.11.32781 >
33.Red-80-58-0.staticIP.rima-tde.net.domain: 3709+ A?
213.21.195.128.zen.spamhaus.org. (49)
11:27:00.798656 IP 33.Red-80-58-0.staticIP.rima-tde.net.domain >
10.0.0.11.32781: 3709 NXDomain 0/1/0 (113)
11:27:00.798916 IP 10.0.0.11.32781 >
33.Red-80-58-0.staticIP.rima-tde.net.domain: 8369+ A?
213.21.195.128.zen.spamhaus.org. (49)
11:27:00.838842 IP 33.Red-80-58-0.staticIP.rima-tde.net.domain >
10.0.0.11.32781: 8369 NXDomain 0/1/0 (113)
11:27:05.621448 IP 10.0.0.11.32781 >
33.Red-80-58-0.staticIP.rima-tde.net.domain: 17060+ PTR? 1.0.0.10.in-addr.arpa.
(39)
11:27:05.661448 IP 33.Red-80-58-0.staticIP.rima-tde.net.domain >
10.0.0.11.32781: 17060 NXDomain 0/1/0 (116)
11:29:06.996959 IP 10.0.0.11.32781 >
33.Red-80-58-0.staticIP.rima-tde.net.domain: 40187+ PTR? 1.0.0.10.in-addr.arpa.
(39)
11:29:07.036717 IP 33.Red-80-58-0.staticIP.rima-tde.net.domain >
10.0.0.11.32781: 40187 NXDomain 0/1/0 (116)
***
So maybe there is something in the way SA makes dnsbl queries what it is
causing this.
Is there any way I could tell SA to query just "one" dnsbl list? This way I
could reproduce a single "host" query, which outside SA, works o.k.
> Looks like you need to do some network troubleshooting, like
> looking at a DNS server's log file, trying the same capture
> on the DNS host, checking firewall, network, ...
Well, I am trying all the tests I can perfom at my side (disabling firewalls
-computer and router ones- disabling any filters that could be blocking packets
and so on).
Once the packets leave my router I don't have any control. I am using my ISP
dns servers.
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic