DNSBL not working
-
Hi,
We have set up our own DNSBL, using a BL list of ours, but MDaemon refuses to use it, continuing to use zen.spamhaus.org, like:
25-Jun-2025 17:02:47.263 queries: info: client @0x7f9ff4085118 192.168.3.42#62573 (111.193.162.108.zen.spamhaus.org): query: 111.193.162.108.zen.spamhaus.org IN A +E(0) (192.168.2.11)
We have removed the entry from DNSBL, even disabled DNSBL, but it continues!
Added 2 other entries, one public and one our DNSBL, but ignored. Restarted MDaemon, no way.
Maybe it's used by another module, like antispam, or one of the antivirus.
In other words, it seems DNSBL is completely broken, to me.
NOTE: if I make the test before adding the DNSBL, zen.spamhaus.org does not work, as we don't have a license, ok, BUT our DNSBL, yes!
Regards,
Giovanni
-
25-Jun-2025 17:02:47.263 queries: info: client @0x7f9ff4085118 192.168.3.42#62573 (111.193.162.108.zen.spamhaus.org): query: 111.193.162.108.zen.spamhaus.org IN A +E(0) (192.168.2.11)
This looks like the MDSpamD log file, which indicates that SpamAssassin is doing the lookup. There are a couple of different things that could be causing this. In Remote Administration under Spam Filter | DQS, make sure that you do not have the DQS box checked. If you disable DQS and the zen lookups are still occurring, restart MDaemon.
If the lookups are still occurring after restarting then you'll have to edit the CF files for SpamAssassin to prevent the lookups or disable the rules causing the lookups.
- Edit your MDaemon\SpamAssassin\rules\local.cf file with a text editor (do NOT use notepad.exe)
- Add the following lines to disable the specific Spamhaus rules and set their scores to 0:

score RCVD_IN_ZEN 0
score RCVD_IN_XBL 0
score RCVD_IN_PBL 0

- Save the changes to the local.cf file.

Another option is to restrict the DNS queries to spamhaus using dns_query_restriction by adding the following to the local.cf file:

dns_query_restriction deny zen.spamhaus.org

Save the changes.
After you have completed the desired changes, restart MDaemon.
When configuring MDaemon to do DNS BL lookups by going to Spam Filter | DNS BL Lookups, MDaemon itself performs the lookups. You can see this occurring in the inbound SMTP log where it will look like this:

Wed 2025-06-25 10:54:10.388: [10818074] Performing DNS-BL lookup (2.2.2.2 - connecting IP)
Wed 2025-06-25 10:54:10.388: [10818074] * test.mydnsbl.org - passed
Wed 2025-06-25 10:54:10.489: [10818074] * your.dnsbl.org - passed
Wed 2025-06-25 10:54:10.489: [10818074] ---- End DNS-BL results

You can also see it logged in the DNSBL log which will look like this:

Mon 2025-06-23 03:56:33.563: zen.spamhaus.net returned result of 127.0.0.3
Mon 2025-06-23 03:56:33.563: MAIL: Noreply@nicepeople.org, RCPT: user@yourdomain.com

If you are not seeing it logged, check your logging settings to make sure you have DNS BL logging enabled. In Remote Administration go to Log | Log Settings | Settings, check the box for "Log DNS block list activity"
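An added example, not part of the original posts and not MDaemon or SpamAssassin code: a small Python script that reads DNS server query-log lines in the format quoted at the top of this thread, decodes each DNSBL lookup back to the IP being checked and the list zone, and reports which expected zones were never queried. The zone dnsbl.example.internal and the function names are placeholders assumed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Query-log line in the format of the log line quoted in this thread.
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<client>[0-9a-fA-F.:]+)#\d+ "
    r"\(\S+\): query: (?P<qname>\S+) IN (?P<qtype>\S+)"
)
# DNSBL convention: the checked IPv4 address with octets reversed, then the zone.
DNSBL_RE = re.compile(r"^((?:\d{1,3}\.){4})(?P<zone>.+)$")

def decode_dnsbl(qname):
    """Return (checked_ip, zone) for a DNSBL-style query name, else None."""
    m = DNSBL_RE.match(qname.rstrip(".").lower())
    if not m:
        return None
    octets = m.group(1).rstrip(".").split(".")
    try:
        ip = ipaddress.IPv4Address(".".join(reversed(octets)))
    except ipaddress.AddressValueError:
        return None  # e.g. 999.1.1.1.zone is not a valid lookup
    return str(ip), m.group("zone")

def tally(lines, expected_zones):
    """Count DNSBL lookups per (client, zone); list expected zones never queried."""
    seen = Counter()
    for line in lines:
        m = QUERY_RE.search(line)
        decoded = decode_dnsbl(m.group("qname")) if m else None
        # A/TXT only: reverse-DNS PTR names look similar but are not DNSBL lookups.
        if decoded and m.group("qtype") in ("A", "TXT"):
            seen[(m.group("client"), decoded[1])] += 1
    queried = {zone for _, zone in seen}
    missing = sorted(z.lower() for z in expected_zones if z.lower() not in queried)
    return seen, missing

# First entry is the line quoted in the thread; the rest are constructed samples.
_P = "25-Jun-2025 17:02:47.263 queries: info: client @0x7f9ff4085118 192.168.3.42#62573 "
_S = " +E(0) (192.168.2.11)"
SAMPLE = [
    _P + "(111.193.162.108.zen.spamhaus.org): query: 111.193.162.108.zen.spamhaus.org IN A" + _S,
    _P + "(2.0.0.127.zen.spamhaus.org): query: 2.0.0.127.zen.spamhaus.org IN A" + _S,
    _P + "(111.193.162.108.in-addr.arpa): query: 111.193.162.108.in-addr.arpa IN PTR" + _S,
    _P + "(example.com): query: example.com IN MX" + _S,
]

if __name__ == "__main__":
    counts, never_queried = tally(SAMPLE, ["dnsbl.example.internal"])
    for (client, zone), n in sorted(counts.items()):
        print(f"{client} -> {zone}: {n} lookups")
    print("expected zones with no lookups:", never_queried)
```

Run against the real query log, the per-client counts show which host is issuing the zen.spamhaus.org lookups, and the "no lookups" list shows whether the custom zone is ever being queried at all.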
-
OK, this explicates why we have logs even with DNSBL disabled, but the fact remains that we don't see any query from DNS-BL, neither in the SMTP log nor in the DNSBL log.
Regards,
Giovanni
-
If you are not seeing it logged, check your logging settings to make sure you have DNS BL logging enabled. In Remote Administration go to Log | Log Settings | Settings, check the box for "Log DNS block list activity"
-
Hi Arron,
Checked, I paste here all of my config.


As you can see it's all enabled.
Here is the log file:

Any help appreciated.
Regards,
giovanni
-
How are the messages getting to MDaemon? (DomainPOP, MultiPOP, ATRN, SMTP, ETRN)
If MDaemon is receiving the email via SMTP:
Is the inbound SMTP session coming from a trusted IP address?
Is the inbound SMTP session authenticating?
Do you have any entries in the DNSBL Allow list?
Can you post a session transcript that shows MDaemon receiving an email that DNSBL lookups should be done on, but they were not?
-
@Arron Messages arrive via SMTP, the server is directly exposed online, no trusted IP, inbound open to everyone, we have 2 entries now, both PASSED the test button on the MDaemon panel.
In the SMTP log, there is no [DNS-BL] tag or processing at all... The DNS-BL.log exists, but it's empty, as you can see.
Regards,
Giovanni
-
My apologies for the delay. Are you still having this issue?
Can you zip and upload your MDaemon\app directory along with the inbound SMTP log for me to take a look at?
https://mdaemon.sharefile.com/r-rc3922c1eed334d4dbf5e34f0bd04ccd6
Once you've uploaded the zip file, please let me know the name of the file.