2
SpamAssassin is firing the URIBL_BLOCKED rule
Problem reported by Eric Bourland - 4/15/2015 at 12:32 PM
Not A Problem
SmarterMail 13.3
 
Notes and research: http://uribl.com/refused.shtml
 
In the header of all incoming email messages I see this SmarterMail exception:
 
X-SmarterMail-SpamDetail: 0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked.
 
In SmarterMail, I have changed the Primary and Secondary IP addresses to: 127.0.0.1
 
... So that DNS resolves on the immediate, local SmarterMail server ... I had hoped this would fix the problem.
 
However, queries to URIBL are still blocked.
 
How have other folks here resolved this?

Thanks as always for your help.
 
Eric

17 Replies

1
Employee Replied
Employee Post
Hello Eric,
 
Thanks for the information. Can you please confirm if you have the URIBL:URIBL Spam check enabled in the AntiSpam Administration section? I would advise you to either remove or uncheck that option. There have been some issues with the Spam check throwing erroneous values and weights, causing emails to be flagged with higher numbers.
 
Thanks.
0
Eric Bourland Replied
Dear Joe,
 
Thank you for your reply! I have a number of URIBLs enabled in my Antispam configuration screen. Are you saying I should remove all of the URIBL checks?

Thank you again for your help.
 
best from Eric
 
 
0
Eric Bourland Replied
Dear Joe, thank you for your note. I replied to the thread below, and included the URIBL spam checks that I use. Should I remove all of these URIBL spam checks? Eric
1
Bruce Barnes Replied
Since DNS queries are expected to come from verifiable IP addresses, and 127.0.0.1 cannot be mapped to a public IP address, the query probably failed because the RBL / BRBL could not identify a public IP address.
 
In addition, the use of RBL and URIBL databases is generally, by agreement with the RBL / BRBL for public use of their databases, limited to no more than 100K queries from ANY SINGLE DNS SERVER IP ADDRESS in a given day.
 
So, while the error which was logged:
 
"X-SmarterMail-SpamDetail: 0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked"
 
indicates that the query was blocked, in this case, probably because it came from a non-mappable, LOOPBACK IP address, the queries can also fail when using public DNS IP addresses when the number of queries in a single day exceeds 100K queries per day to the RBL or URIBL database(es).
 
In the example given by Eric Bourland, the failure appears to be because the LOOPBACK IP ADDRESS cannot be mapped to a public IP address, so the URIBL blocked the query:

"X-SmarterMail-SpamDetail: 0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked"
 
This is a new failure response from RBL/URIBL databases.  Previously, when failing queries, the antispam databases always returned a response that indicated that the message being checked was spam.
 
Because a failure from an RBL / URIBL does not necessarily indicate that the message being checked is spam, it is always preferable to have a valid RBL / URIBL lookup failure reason, as is the case in Bourland's example.
 
That is why SmarterMail should always point to a LOCAL DNS SERVER, with a PUBLICLY MAPPABLE IP ADDRESS, used for both the primary and secondary SmarterMail DNS servers, as those DNS servers will be doing the FQDN lookups when the RBL and URIBL databases are queried and they will not trigger the 100K limit of queries from a single, public DNS server.
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phone: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
1
Steve Reid Replied
Keep in mind everyone that this is in reference to SpamAssassin in a box.
 
I believe you should contact support for Jam Software. I have needed to contact them in the past and they have been very helpful.
 
I do not see these errors.
1
Bruce Barnes Replied
The RBLs still expect the DNS query to come from a publicly accessible DNS server and 127.0.0.1 is not a public DNS server IP address.
 
They need to validate the IP address of the DNS server to check the number of queries which originate from any given DNS server in a 24 hour period (sorry, I cannot tell you what time zone they are synchronized to, but I will assume their local time zone) as most now deny further queries after a single DNS server IP address reached 100K or more.
 
They deny further queries because they want large providers to subscribe to their services and databases.
0
Steve Reid Replied
I'm not sure why you are sidelining the main issue by spreading this false info. I am sure most people who run a DNS server on their SmarterMail box are using local addresses in their DNS settings and this works perfectly fine. When the DNS call is placed to the RBL your external WAN address is always used.
1
Bruce Barnes Replied
First, the issue raised is using 127.0.0.1 as a DNS server.  That is a LOOPBACK ADDRESS and is never a valid address from outside the server.
 
Second: this is not false information. The RBLs clearly state, in their AUP statements, that the RBL and BRBL databases count the number of queries received from any DNS server in a given 24 hour period and deny queries above a given threshold from a single DNS server's IP address, generally 100K queries in any given 24 hour period.
 
To properly count queries from a DNS server, it must have either a PUBLIC or PUBLICLY MAPPED IP address.
1
Steve Reid Replied
This is a problem with SpamAssassin in a box, and not directly SmarterMail; I will focus on that actual problem.
 
SpamAssassin in a box likely uses the DNS servers that are registered on your network adapter. You should ensure you are not using a public DNS IP on the server level.
0
Steve Reid Replied
It is just not true that the DNS server IP used in the SmarterMail settings needs to be a publicly accessible IP. I have two DNS servers that are not public DNS (port 53 has no outside access) and it works just fine. The RBLs receive my requests and tag them as my external WAN IP.
0
Eric Bourland Replied
Hi, friends,
 
These are very helpful replies.
 
>>>The RBLs still expect the DNS query to come from a publicly accessible DNS server and 127.0.0.1 is not a public DNS server IP address.

Got it -- this makes sense. However, I was getting this URIBL blocked error ("X-SmarterMail-SpamDetail: 0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked") before, when I was using the public DNS server IP addresses provided by my ISP:
 
IP of Primary DNS: 208.77.208.4
IP of Secondary DNS: 208.77.208.5
 
Although my ISP points out that the low-volume usage limit was probably reached:

> > > ----------------------------------------
> > > From: "Luke Blodgett via RT" <support@support.viviotech.net>
> > > Sent: Tuesday, April 14, 2015 2:05 PM
> > > To: eric@ebwebwork.com
> > > Subject: [support.viviotech.net #395958] DNS question in SmarterMail on tarsier: "The query to URIBL was blocked"
> > > Eric
> > >
> > > If the server is set to use our resolvers for DNS it may be getting
> > > blocked because URIBL is for 'low volume usage' and we have many servers
> > > using our DNS for URIBL look ups.
> > > http://uribl.com/refused.shtml
> > >
> > > It may be that you need to start using one of your servers for DNS
> > > lookups.
 
Per Steve's note, I will contact JAM Software.
 
I have a couple more questions:
 
1) Does this mean that, currently, none of my RBL and URIBL lookups are doing anything at all?
 
2) If 127.0.0.1 will not work as an IP for SmarterMail, and if the public DNS IPs will not work -- what else can I do?

Thank you as always for this very useful discussion.
 
Eric
0
Eric Bourland Replied
>>>SpamAssassin in a box likely uses the DNS servers that are registered on your network adapter. You should ensure you are not using a public DNS IP on the server level.

Got it! Thank you, Steve. Looking into this now. E
0
Steve Reid Replied
You should try 127.0.0.1. I am using a local IP address and it works fine for me.
0
Eric Bourland Replied
I am using 127.0.0.1 as both primary and secondary IPs for SmarterMail 13.3. I am still getting the URIBL Blocked message, though.

I am wondering if I should tell SmarterMail to use the IP address of the network adapter?
0
Steve Reid Replied
Be careful not to get confused here... The blocked message is coming from SpamAssassin in a box, which is not affected by the DNS settings inside SmarterMail. That's why I suggested adjusting your adapter directly.
0
Eric Bourland Replied
Steve, I think I get it -- I should find the IP address of the network adapter, and tell SmarterMail to use that IP address?
1
Eric Bourland Replied
FYI. I think I have fixed this; I did two things:
 
1) set up forwarding for two domains: dnswl.org and uribl.org, per notes in the SpamAssassin in a box FAQ
2) set two IP addresses for SmarterMail: 127.0.0.1, and the public IP address of the mail server itself
 
This seems to have dispelled the blocked URIBL problem.
 
Friends, thanks very much for your help, and for your time and wise words.  As always, take care.
 
Eric
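
An added example, not part of the thread and not code from SmarterMail, SpamAssassin or URIBL: a Python check of whether the resolver a mail server uses is being refused by URIBL, which is what the URIBL_BLOCKED header reports. It assumes URIBL's published reply codes on multi.uribl.com (127.0.0.1 for a refused query, bits 2, 4 and 8 for the black, grey and red lists) and its test point test.uribl.com; the function names are hypothetical.

```python
import ipaddress
import socket

# Reply bits on multi.uribl.com, assumed from URIBL's published documentation.
URIBL_BITS = {1: "blocked", 2: "black", 4: "grey", 8: "red"}
TEST_POINT = "test.uribl.com.multi.uribl.com"  # assumed: always listed on all lists

# Header value copied from the thread.
SAMPLE_DETAIL = ("0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: "
                 "The query to URIBL was blocked.")


def has_uribl_blocked(spam_detail):
    """True if an X-SmarterMail-SpamDetail value names the URIBL_BLOCKED rule."""
    return "URIBL_BLOCKED" in spam_detail.split()


def decode_uribl_answer(addr):
    """Turn one A record from multi.uribl.com into a set of labels."""
    octets = ipaddress.IPv4Address(addr).packed
    if octets[:3] != b"\x7f\x00\x00":
        return {"unexpected"}  # not 127.0.0.x: the answer was rewritten upstream
    labels = {name for bit, name in URIBL_BITS.items() if octets[3] & bit}
    return labels or {"unexpected"}


def resolver_status(answers):
    """Classify a resolver from its answers for TEST_POINT ([] means no answer)."""
    labels = set()
    for addr in answers:
        labels |= decode_uribl_answer(addr)
    if "blocked" in labels:
        return "blocked"  # a refusal, not a verdict on any domain
    if not labels or "unexpected" in labels:
        return "broken"   # the test point should always come back listed
    return "ok"


def query_test_point():
    """Ask the system resolver (the adapter-level DNS) for the test point."""
    try:
        return socket.gethostbyname_ex(TEST_POINT)[2]
    except OSError:
        return []


if __name__ == "__main__":
    print("header shows block:", has_uribl_blocked(SAMPLE_DETAIL))
    print("resolver status:", resolver_status(query_test_point()))
```

Run it on the mail server itself: it goes through the operating system's resolver, so it exercises the same adapter-level DNS path discussed above. A "blocked" result means URIBL lookups through that resolver return no listing information at all.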
