21 November

DNS Blacklists queries fails : No data of the requested type was found

Written by 

Problem

DNS Blacklists queries, return null records or don't match a given ip when a web search does.

More in detail

If you run your own mail server chances are that use DNS Blacklists to prevent Spam from reaching your users inbox.
Even thought its not 100% accurate, DNS Blacklists can help you reduce substantially the amount of Spam that reaches your server, its probably, the most efficient way out there.

DNSBl's are very easy to configure on your mail server and they use a query based on the DNS system, which consumes very little bandwidth and server resources.

However DNSBl's are usually made available for free from entities or companies around the world, and 90% of the times, these companies impose usage limits on the amount of queries you can make against their servers.

So if you are a service provider that easily makes over 10 000 queries a day, free solutions are not the way to go, you are required to purchase and register one of their plans.

The issue

Even tough its not recommended in a production environment, chances are that your server machine is configured to use one of the many available free DNS server's such as google (8.8.8.8 or 8.4.4.8) for name resolution, the issue starts when your mail server queries the blacklist via the DNS your system has configured, in this case, the google servers. As you can imagine google serves millions of requests and easily their servers get listed on the DNSBl's ban list.

This means that whenever your system tries to query the DNSBl via the google DNS its gets a null or un-existing domain response.

Take for instance this hMailServer log entry as an example:

"TCPIP"    4564    "2016-11-21 18:25:04.219"    "DNS query failure. Query: xx.xx.xx.xx.dnsbl.sorbs.net, Type: A/AAAA, DnsQuery return value: 11004. Message: The requested name is valid, but no data of the requested type was found"
"TCPIP"    4564    "2016-11-21 18:25:04.219"    "DNS lookup: xx.xx.xx.xx.dnsbl.sorbs.net, 0 addresses found: (none), Match: False"

This is the typical result of failed query against a blacklist.

Solution

The first thing you should check is the DNS configuration in the network connection your server uses to access the internet and evaluate from there.

If you are using google servers or any other third party dns servers to provide name resolution the alternatives are:

#1 - Use your ISP provider DNS server instead.

#2 - Setup and configure your own DNS server (preferable)

If possible, you should install and configure your own DNS server, mainly because you will be bypassing similar issues and you can keep control of your own DNS infrastructure.

DNS in Windows is very easy to install and its definitely worth spending 15 minutes in setting up the role in the server. It will bring you peace of mind in the long run and will query your DNSBL's properly.

Once installed, make sure you setup your connection to use only your local DNS as a name resolution server.

In Windows you can easily test your server configuration by using the NSLookUp command as such:

cmd: nslookup google.com localhost

Once that request succeds, query a DNSBL such as :

cmd: nslookup 1.0.0.127.zen.spamhaus.org localhost

You should now have a succesful lookup query against the DNSBL's

 

 

Read 2757 times Last modified on Sunday, 04 December 2016 17:46
Rate this item
(0 votes)

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Latest Posts

Contacts

João Vieira

Skype: jcv.pt

Email: info@joao-vieira.pt

About

This is my personal page, here you will find IT related, projects, discussions and reviews. Feel free to coment and leave your input.