[TriLUG] Email Problems

Randy Barlow randy at electronsweatshop.com
Mon Feb 11 17:15:51 EST 2013


On Mon, 11 Feb 2013, Supple.Joe at epamail.epa.gov wrote:
> IMPORTANT WARNING for System Adminstrators using the CBL (2013/02/11)
> This applies if you are running a mail server using the CBL and are also
> using OpenDNS DNS servers - for example, you have 208.67.222.222 and/or
> 208.67.222.220 in /etc/resolv.conf files on Linux/UNIX.
> Commencing approximately 2013/02/07 (Feb 7) OpenDNS appears to have made a
> change such that it started replacing NXDOMAIN results from CBL DNSBL
> queries with 67.215.65.132. This the IP address of their domain
> spell-checker/search-engine/advertising-monetization web page. This is
> known as NXDOMAIN hijacking.
> Some mail server's DNSBL query mechanisms/configurations will treat this
> as meaning the IP it queried was "listed" in the CBL, but NXDOMAIN is
> supposed to mean "not listed". This means that you will lose valid email.
> We strongly recommend that you stop using OpenDNS immediately.

This was the primary reason I switched away from using TW's DNS, and one
of the main reasons I would have wanted to use OpenDNS. Too bad. There's
always 8.8.8.8 and 8.8.4.4… for now!

-- 
R


More information about the TriLUG mailing list