DNSBL helper not answering

John Scully jscully@isupportisp.com
Thu Nov 23 15:29:45 UTC 2006


If anyone is using Spamhaus or any other network RBL and processing a lot of 
mail, I highly recommend RBLDNSD, available and very well documented at 
http://www.corpit.ru/mjt/rbldnsd.html

It is a very high performance memory cached platform designed for dns based 
block lists.  It is easy to install, uses only about 50 meg of memory for 
the six large block lists to which we subscribe (including the huge SURBL 
multi list and the Spamhaus SBL/XBL).  I don't think we could even measure 
load on the server unless we are processing over 100 messages per 
second...and even then it is almost zero.

You can set up with spamhaus for a daily or more frequent download of the 
files using rsync.

By setting the resolv.conf properly on the DCC and any other client servers 
it will hit your rbldnsd copy first, then hit the spamhaus servers if yours 
does not respond.  You can also use the rbldnsd for spamassassin uribl 
lookups.

John Scully
iSupportISP.com
----- Original Message ----- 
From: "Daniel Gehriger" <daniel.gehriger@linkcad.com>
To: "Vernon Schryver" <vjs@calcite.rhyolite.com>; <dcc@rhyolite.com>
Sent: Thursday, November 23, 2006 3:51 AM
Subject: Re: DNSBL helper not answering


>
> Vernon Schryver wrote:
>>> From: Daniel Gehriger
>>
>>> I'm running the latest DCC as a postfix before-queue filter, as 
>>> described in the SMTPD_PROXY_README.
>>
>> When you say "the lastest DCC", do you mean the latest official version
>> or the lastest version published by third parties such as Debian?
>
> I'm using DCC 1.3.45-1.55, manually compiled with 
> "./configure --with-uid=vscan".
>
>> Why not set DNSBL_ARGS instead of DCCIFD_ARGS directly?
>
> Ok, I switched to using DNSBL_ARGS with the following parameters (same as 
> before in DCCIFD_ARGS):
>
> DNSBL_ARGS="-Bset:debug=5 '-Bset:rej-msg=5.7.1 554 Service unavailable; 
> Message (id: %s) blocked using relays.ordb.org; 
> http://ordb.org/lookup/?host=%s' -Brelays.ordb.org,any 
> '-Bset:rej-msg=5.7.1 554 Service unavailable; Message (id: %s) blocked 
> using sbl-xbl.spamhaus.org; 
> http://www.spamhaus.org/query/bl?ip=%s' -Bsbl-xbl.spamhaus.org,any"
>
>> You must mean dccifd instead of dccproc.
>
> Sorry, yes, I'm using dccifd.
>
>> Are you sure there are no helper processes, and that what is really
>> happening is that the relays.ordb.org and sbl-xbl.spamhaus.org DNS
>> servers are taking too long to answer?  Have you tried increasing
>> the per-URL delay budget with "-Bset:URL-secs=20" or similar?
>
> 100% sure. The helper processes (the ones with "-B helper:x,y") exit after 
> idling and are not always restarted.
>
> "ps -ef | grep dcc | grep helper" yields nothing.
>
> I already increased the timeout limit w/o success.
>
>> What version and flavor of UNIX-like operating system are you using?
>> The main dccifd or dccm process uses waitpid(WNOHANG) to know when
>> helper processes have gone away.  That works well on FreeBSD, but
>> maybe not on other flavors.
>>
>> After every failure to receive an answer from a helper, zombie
>> helpers are reaped.
>> After 5 failures to receive an answer, all of the helpers are terminated
>> and restarted.
>>
>> There may be a race in restarting idle helpers.  I'll look into it.
>
> I'm using SuSE Linux 9.1, so that should be fine. I agree that this looks 
> like a race condition.
>
> Thanks for looking into this!
>
> Daniel
>
> _______________________________________________
> DCC mailing list      DCC@rhyolite.com
> http://www.rhyolite.com/mailman/listinfo/dcc
>
> 





More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.