View Single Post
  #6   (View Single Post)  
Old 14th May 2008
NathanPardoe's Avatar
NathanPardoe NathanPardoe is offline
Real Name: Nathan Pardoe
New User
 
Join Date: May 2008
Location: United Kingdom
Posts: 6
Default

Thanks again for the reply. Sorry about the delays in getting back to you, I've been snowed under with work and not had chance to check the forums.

Running the updated command reveals that addresses listed in DNSBLs can be determined, as demonstrated by the following output -
Quote:
root@darkweb# tcpdump -nvv -i sis0 -s512 host 192.168.1.10 and port domain
tcpdump: listening on sis0, link-type EN10MB (Ethernet), capture size 512 bytes
22:56:16.537689 IP (tos 0x0, ttl 64, id 58914, offset 0, flags [none], proto UDP (17), length 77) 192.168.1.10.51968 > 192.168.1.1.53: [udp sum ok] 22625+ A? 80.152.123.222.zen.spamhaus.org. (49)
22:56:16.582227 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 109) 192.168.1.1.53 > 192.168.1.10.51968: [udp sum ok] 22625 q: A? 80.152.123.222.zen.spamhaus.org. 2/0/0 80.152.123.222.zen.spamhaus.org. A 127.0.0.10, 80.152.123.222.zen.spamhaus.org. A 127.0.0.4 (81)
The tcpdump was sourced from checking Spamhaus using the same IP address as before.
Quote:
nathan@darkweb% dig 80.152.123.222.zen.spamhaus.org

; <<>> DiG 9.4.2 <<>> 80.152.123.222.zen.spamhaus.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22625
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;80.152.123.222.zen.spamhaus.org. IN A

;; ANSWER SECTION:
80.152.123.222.zen.spamhaus.org. 1800 IN A 127.0.0.10
80.152.123.222.zen.spamhaus.org. 1800 IN A 127.0.0.4

;; Query time: 46 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed May 14 22:56:16 2008
;; MSG SIZE rcvd: 81
Analysing the Sendmail logs reveals no rejections due to DNSBL listing, and the nightly FreeBSD periodic mail doesn't list any blocklists. It is as if Sendmail ignores the DNSBL options in the configuration file. Perhaps Sendmail is compiled incorrectly, but this seems odd as I am using the standard FreeBSD port.

Sorry if my post has missed anything out. Again, I'd appreciate any further help you could offer.
__________________
Best regards,

Nathan Pardoe
TickleStix
www.ticklestix.co.uk
Reply With Quote