Spam filtering problem [Probably really a BIND problem, but let's not poison the well...] [Postfix]

Prev: cant deliver emails to gmail - no bounced msgs either
Next: temporarily putting ON HOLD

From: listserv.traffic on 6 Apr 2010 00:08

Ok, I started down this path a while back and left it on the shelf -
but now I'm back on the case, but I'm still baffled and don't know where else to ask.

If you'd point me in the right direction, I'd be very grateful. I'll
also include the problem here so you can take a crack at it too.

---
In short, I'm getting failures while doing RBL lookups to
zen.spamhaus.org.

But only some are failing. Sometimes it's most of them, sometimes
almost none.

I can do interactive lookups pretty reliably. [Like dig
65.188.54.60.zen.spamhaus.org]

Yes, I'm pretty sure we're not over the volume limits [We're under by an order
of magnitude.] we're not "commercial" in the spamhaus sense either.

So, it appears BIND isn't returning a result. I get "errors" like
this:

mail postfix/smtpd[5117]: warning: 65.188.54.60.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=65.188.54.60.zen.spamhaus.org type=A: Host not found, try again

So, I assume it's a BIND problem. fine.

I turn up the debug logging in bind to 3 and check the log files.
When I get a failure in the mail log, I look at bind's log. Here's
what I see. [Bind seems to do everything fine, but then]

05-Apr-2010 20:46:19.415 resolver: fetch 0x8ee1d80 (fctx 0x8ee4cc0(65.188.54.60.zen.spamhaus.org/A)): created
05-Apr-2010 20:46:32.418 resolver: fctx 0x8ee4cc0(65.188.54.60.zen.spamhaus..org/A'): timeout

I get two timeouts and then it stops trying.

[I really don't know how to read the debug logs well, but that's
certainly what I get out of them.]

So, why is BIND timing out when checking zen?

---
The most interesting thing is, if I stop and restart BIND, it
starts working again.

[Yes, I'm sure something's probably wrong with BIND, but why are the
only failures I'm aware of, only with zen? Where to start in
diagnosing BIND?]

Thoughts on
A) Where should I better post my BIND problem.
B) How can I test/determine why zen isn't responding? [I know it
looks like BIND is the problem, but in a general sense, how would you
know if zen was the problem.]
C) Any other great ideas? How to TShoot bind?

I'm pretty much out of ideas at the moment.

TIA
-Greg

|
Pages: 1
Prev: cant deliver emails to gmail - no bounced msgs either
Next: temporarily putting ON HOLD