Solved bl.spamcop.net not resolving

iworx

iworx

Verified User
Joined
Nov 21, 2006
Messages
110
Location
Belgium
Setting up a new server and I can't seem to figure out why '<prefix>.bl.spamcop.net' isn't resolving at all.
Even trying this in dig errors out. Every other domain is resolving instantly. Tried it with Bind and the new Unbound resolver on the server, same result.

Code: 
dig 53.176.230.91.bl.spamcop.net txt
;; communications error to 127.0.0.253#53: timed out
;; communications error to 127.0.0.253#53: timed out

; <<>> DiG 9.18.33 <<>> 53.176.230.91.bl.spamcop.net txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49265
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;53.176.230.91.bl.spamcop.net.  IN      TXT

;; Query time: 5 msec
;; SERVER: 127.0.0.253#53(127.0.0.253) (UDP)
;; WHEN: Wed Feb 04 12:03:34 CET 2026
;; MSG SIZE  rcvd: 57

I've tried to disable SpamCop in local.cf but it seems to ignore that line.

Code: 
dns_server 127.0.0.253
dns_query_restriction deny bl.spamcop.net

What can I do to prevent this communication delay and totally remove SpamCop from the list of used RBLs?
 
Last edited:
The miracle option :

Code: 
dns_use_aaaa 0

Seems it tried to go there on IPv6 instead of IPv4.
 
iworx said:
The miracle option :
Click to expand...
So in which file did you put that option? In local.cf?

We didn't but we did have this one:
dns_server 127.0.0.1

However, on our server seems like things are working without that ipv6 exclusion, so maybe something is wrong with resolving on your server?
Or am I missing something? At least I got the authority answer and no timeouts. :)

Code: 
dig 53.176.230.91.bl.spamcop.net txt

; <<>> DiG 9.16.23-RH <<>> 53.176.230.91.bl.spamcop.net txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43746
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 7ab508a0c44ee59f010000006983897fd4f36ad59d16c505 (good)
;; QUESTION SECTION:
;53.176.230.91.bl.spamcop.net.  IN      TXT

;; AUTHORITY SECTION:
bl.spamcop.net.         0       IN      SOA     bl.spamcop.net. hostmaster.admin.spamcop.net. 1765633711 3600 1800 3600 0

;; Query time: 115 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Feb 04 19:01:35 CET 2026
;; MSG SIZE  rcvd: 163
 
I think it is related to the distribution. I'm on Almalinux 10 now. My old Almalinux 8 doesn't have a problem either. Config is the exact same. I've noticed IPv6 getting a higher priority. If I do a "dig" with that dns entry it stalls too unless I put -4 behind it.
 
Maybe it relate to new feature DNS unbound between Rhel8, Rhel9, Rhel10 when doing with IPV6.

Try dig with "@127.0.0.1".
 
That's how I started. With the exact same config of my named/bind on an older server.
I first assumed my IP was blocked - then found a thread somewhere that pointed to the IPv6 issue.
 
Strange. Maybe RHEL 10 then indeed. I'm running Alma 9 and no issues with this. But also on Alma 9 when sending mail, ipv6 is preferred.
 
You must log in or register to reply here.
Back
Top