Protecting resolv.conf

Strator (Verified User, joined Jan 19, 2011, 283 messages)
Hi guys,

Quick question - how can I protect resolv.conf from being overwritten by the system? I already tried permissions 444 but that didn't do the trick.

I suppose my best bet is to change the configuration so that, when it gets overwritten, it's overwritten with the same stuff and not with something I don't want - but where do I do that?

Thanks!
 
If you have a VPS there is a good chance it can't be protected.
Normally the resolv.conf provided by your hosting provider should work well enough. Why do you want to change it?

Anyway, you could use a cronjob to overwrite it again. For example, make a resolv.bak with your own settings and make a cronjob @reboot to copy resolv.bak to resolv.conf and restart the network again.
 
Maybe chattr +i /etc/resolv.conf will prevent it from being modified.

Regards
I will try that, thanks.

@Richard: I need it for spam protection. With the original resolv.conf, URIBL is blocking too many requests.
 
@Strator:

Are you running a version of Ubuntu? I've found on my desktop Kubuntu systems that resolv.conf is actually a link to /run/resolvconf/resolv.conf. I resolved the issue (on my desktops) by deleting the links, creating the file, and then chattr'ing the file.

Jeff
 
Have you resolved the problem?

If so, then if it's a VPS, as Richard writes you may want to contact your provider.

You should also of course try the chattr command, and also verify that the file is a file and not a link to a file.

Please reply to let us know how this is resolved.

Thanks.

Jeff
 
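The checks Jeff describes (is /etc/resolv.conf a real file or a link into /run/resolvconf, and what nameservers does it list?) plus his "delete the link, create the file" step, as an added shell example that is not part of the thread. It runs against constructed copies in a temporary directory rather than the live /etc/resolv.conf; the final chattr +i step needs root, so it is only echoed.

```shell
#!/bin/sh
# Added example (not from the thread): inspect a resolv.conf path the way the
# replies suggest, then turn a resolvconf-managed symlink into a regular file
# so that chattr +i can be applied to it. All paths below are constructed.

# Print "symlink -> TARGET", "regular file" or "missing" for a path.
resolv_kind() {
    if [ -L "$1" ]; then
        printf 'symlink -> %s\n' "$(readlink "$1")"
    elif [ -f "$1" ]; then
        echo "regular file"
    else
        echo "missing"
    fi
}

# Print the nameserver addresses from a resolv.conf-format file, one per line
# (comment and option lines are ignored).
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Replace a symlinked resolv.conf with a regular file holding the content of
# WANTED (the "resolv.bak" from the thread), so a later chattr +i pins a real
# file rather than the link.
resolv_pin() {
    path=$1
    wanted=$2
    if [ -L "$path" ]; then
        rm -f "$path"
    fi
    cp "$wanted" "$path" && chmod 644 "$path"
}

# Demonstration on constructed files under a temp directory.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/etc" "$tmp/run/resolvconf"
    # constructed: what resolvconf would generate from the provider's settings
    printf 'nameserver 192.0.2.53\nnameserver 192.0.2.54\n' \
        > "$tmp/run/resolvconf/resolv.conf"
    ln -s "$tmp/run/resolvconf/resolv.conf" "$tmp/etc/resolv.conf"
    # constructed: the settings the admin wants to keep (a local caching resolver)
    printf '# local caching resolver\nnameserver 127.0.0.1\n' > "$tmp/resolv.bak"

    echo "before: $(resolv_kind "$tmp/etc/resolv.conf")"
    resolv_pin "$tmp/etc/resolv.conf" "$tmp/resolv.bak"
    echo "after:  $(resolv_kind "$tmp/etc/resolv.conf")"
    echo "nameservers now: $(resolv_nameservers "$tmp/etc/resolv.conf" | tr '\n' ' ')"
    echo "next step, as root on the real system: chattr +i /etc/resolv.conf"
    rm -rf "$tmp"
}

demo
```

On a live system, run resolv_kind against /etc/resolv.conf first: if it reports a symlink, chattr +i on the link path does nothing useful, and the tool that regenerates the target will keep winning until the link is replaced by a plain file.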
It seems like chattr solved the problem with resolv.conf being overwritten, but I am still wrestling with the underlying issue, that Spamassassin keeps giving me URIBL_BLOCKED notices. I've been having this issue for years now - really don't know what to do next.
 
My understanding is that SpamAssassin is simply reporting when a specific blocklist or list isn't allowing you access, generally because they find you in violation of their TOS limiting requests to a certain amount per day.

The problem is that it's not just you that they're counting, but everyone else using those nameservers, as they have no idea where the original requests come from, only which nameserver is hitting them.

Check the terms of service for each of the blocklists, and if you're sure you qualify to use the free service then do use your own local caching nameserver(s). It's the right way to do it; it's not a workaround.

If you know you require too many hits, or you'd rather use a local copy of the blocklist, then carefully read the blocklist website; there may be alternative methods for using the blocklist.

Jeff
 
That is my understanding as well. The proposed solution is to use your own non-forwarding caching nameserver, like you wrote.

http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

Unfortunately, even with that set up (resolv.conf pointing to 0.0.0.0 and the forwarding-related changes to named.conf that are proposed in various web sources) I am still getting the same errors.
 