
DNSBL is enabled but does not work

ChananZ

New Pleskian
Greetings,

Our Linux server had worked fine until a few days ago. Then the Dr. Web license was not renewed automatically for some reason, and also the spam protection using zen.spamhaus.org has stopped working.

Now we're receiving tons of incoming spam that does not get filtered by spamhaus.org's DNSBL.

The license for Dr. Web has been installed now manually.
Yet no matter what we do through the Plesk Panel, we can't seem to be able to enable the spamhaus.org filtering.

Plesk 8.3.0.
SpamAssassin is active.
Dr. Web is active.

Any clue?
 
Can you post your /etc/xinetd.d/smtp_psa file please? (or wherever your OS puts it)

That might provide a clue as to what is happening.

Faris.
 
Thanks for responding.
Problem is still there, most probably thanks to the Dr. Web component.

Here's the smtp_psa file:
------------------------------------
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /usr/sbin/rblsmtpd -r zen.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
-------------------------------------

Thanks.
 
As I understand things, the dnsbl check happens before any virus checking, so even if Dr Web wasn't working correctly I'd still expect the dnsbl side of things to work. Obviously this is not the case here though and something more serious must be afoot, so I'm not sure what to suggest other than maybe a manual check to see if you can do a DNS lookup using zen.spamhaus.org

If I remember correctly, you basically need to do a lookup for the reverse of the IP.

e.g. to look up 1.2.3.4 you'd need to do an nslookup or dig on 4.3.2.1.zen.spamhaus.org
(I could be wrong about this though)

Faris.
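
The manual lookup described in the post above, as an added shell example that is not part of the original thread. The function names are hypothetical, `dig` is assumed to be installed, and the answer meanings follow Spamhaus's published return codes.

```shell
#!/bin/sh
# Build the query name: IPv4 octets reversed, then the DNSBL zone.
dnsbl_qname() {
    q_ip=$1; q_zone=$2
    case $q_ip in ''|*[!0-9.]*|*.) return 1 ;; esac   # digits and dots only
    q_ifs=$IFS; IFS=.
    set -- $q_ip                                      # split into octets
    IFS=$q_ifs
    [ $# -eq 4 ] || return 1
    for q_o in "$@"; do
        case $q_o in ''|????*) return 1 ;; esac
        [ "$q_o" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.%s\n' "$4" "$3" "$2" "$1" "$q_zone"
}

# Interpret one A record from a Spamhaus zone ('' means NXDOMAIN / no answer).
dnsbl_classify() {
    case $1 in
        '')                            echo "not-listed" ;;
        127.255.255.*)                 echo "error" ;;       # query not served, not a listing
        127.0.0.2|127.0.0.3|127.0.0.9) echo "listed:SBL" ;;
        127.0.0.[4-7])                 echo "listed:XBL" ;;
        127.0.0.10|127.0.0.11)         echo "listed:PBL" ;;
        127.0.0.*)                     echo "listed:other" ;;
        *)                             echo "unexpected" ;;  # e.g. resolver rewrites NXDOMAIN
    esac
}

# Query one zone with dig and print each answer with its meaning.
dnsbl_check() {
    c_name=$(dnsbl_qname "$1" "$2") || { echo "bad IPv4 address: $1" >&2; return 2; }
    c_ans=$(dig +short "$c_name" A) || { echo "$c_name lookup-failed" >&2; return 2; }
    [ -n "$c_ans" ] || { echo "$c_name not-listed"; return 0; }
    for c_a in $c_ans; do
        echo "$c_name $c_a $(dnsbl_classify "$c_a")"
    done
}

# Usage, run from the mail server so the same resolver is used:
#   dnsbl_check 127.0.0.2 zen.spamhaus.org     # RFC 5782 test entry, must be listed
#   for z in zen sbl xbl; do dnsbl_check 1.2.3.4 "$z.spamhaus.org"; done
```

If the 127.0.0.2 test entry comes back as not-listed or error, the problem is with the resolver path to the DNSBL rather than with the address being checked.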
 
A good point.
I've looked up an IP address that should have been blocked:
Looking up with
- zen.spamhaus.org returned not found.
- sbl.spamhaus.org returned not found.
- xbl.spamhaus.org caught the offending IP address.

Strange, as zen is said to include xbl.

But, I've changed my rbl settings and now all is fine.

Thanks a lot for this tip.
 