Use local Named 127.0.0.1 for URIBL

[Incredi-man]

In order to fight spam i use URIBL. My /etc/resolv.conf points to the two DNS servers of my VPS provider. But spam messages are getting trough with "ADMINISTRATOR NOTICE: The query to URIBL was blocked.". I learned this is because DNS servers are limited to the queries they can do on a blocklist.

A workaround is to set the resolver to the local NAMED service 127.0.0.1.

But how can i check in advance this wil work. If i dig an external domain using the local DNS i get no answer. "dig google.com +short @127.0.0.1". A local domain works fine. I want to change it on a production server with 100+ customers, so i need to be a little precautions.

 

[Richard G]

That is correct. I've pointed that out too in some posts. Same can happen if you use 8.8.8.8 so the Google dns.

I use my own nameservers and using 127.0.0.1 as resolver is no problem. I don't know if thats also possible when running external nameservers.
However in that case, instead of 127.0.0.1 you can also use 1.1.1.1 as resolver for this.

 

[Incredi-man]

Oké thanks Richard, i will test the 1.1.1.1 (Cloudflare) resolver. It's this one limited in RBL queries?

 

[Richard G]

As from their faq:

Cloudflare's authoritative DNS services are free of charge and Cloudflare does not limit DNS queries for a domain on the Cloudflare network.

It doesn't say anything about domains not on the Cloudflare network, but at this moment I did not encounter issues yet.
You might try to set one of the opendns nameserver ip's as secondary in the /etc/resolv.conf file.