<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">I am using unbound and rspamd.<div class=""><br class=""></div><div class="">Unbound is configured as follows (snippet)</div><div class=""><br class=""></div><div class=""><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">forward-zone: </span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""> name: "."</span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""> # Quad9 phising/malware site blocking DNS 9.9.9.9</span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""> forward-addr: 9.9.9.9</span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""> # Quad9 2nd DNS</span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""> forward-addr: 149.112.112.112</span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""> # Fallback if Quad9 is out: Google:</span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""> # forward-addr: 8.8.4.4</span></div><div style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: normal; font-family: Menlo;" class=""><br class=""></div><div class="">It seems that rspamd doesn’t like that, because the DNS masters for <a href="http://multi.uribl.com" class="">multi.uribl.com</a> and <a href="http://dnl.dnswl.org" class="">dnl.dnswl.org</a> apparently do not like getting a DNS query forwarded from public DNS servers. Which produces errors like:</div><div class=""><br class=""></div><div class=""><div style="font-family: Menlo; font-size: 11px; margin: 0px; font-stretch: normal; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures;" class="">2019-12-28 17:47:20 #16267(controller) <gp88ff>; monitored; rspamd_monitored_dns_cb: DNS query blocked on <a href="http://multi.uribl.com" class="">multi.uribl.com</a> (127.0.0.1 returned), possibly due to high volume</span></div><div style="font-family: Menlo; font-size: 11px; margin: 0px; font-stretch: normal; line-height: normal;" class=""><span style="font-variant-ligatures: no-common-ligatures;" class="">2019-12-28 17:47:20 #16267(controller) <k7m6sm>; monitored; rspamd_monitored_dns_cb: DNS reply returned 'no error' for <a href="http://dwl.dnswl.org" class="">dwl.dnswl.org</a> while 'no records with this name' was expected when querying for '<a href="http://tte6_6bjcreyadp1do_tgob69-n7r.dwl.dnswl.org" class="">TTE6_6BJCREYADp1do_TGob69-N7R.dwl.dnswl.org</a>'(likely DNS spoofing or BL internal issues)</span></div></div><div class=""><span style="font-variant-ligatures: no-common-ligatures;" class=""><br class=""></span></div><div class="">which breaks rspamd I think</div><div class=""><br class=""></div><div class="">So, I think (not sure) that I am supposed not to use a forwarder to a public DNS provider with rspamd. But that would mean I lose the advantage of Quad9. Hence, I was thinking that I m,ight need to tell unbound an exception for these domains, sidestepping the forwarding. Is that possible? (Does it solve my issue? I don’t know but I’d like to try).</div><div class=""><br class=""><div class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;">Gerben Wierda</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><a href="http://enterprisechess.com/" class="">Chess and the Art of Enterprise Architecture</a></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><a href="http://masteringarchimate.com/" class="">Mastering ArchiMate</a></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><a href="https://www.infoworld.com/blog/architecture-for-real-enterprises/" class="">Architecture for Real Enterprises</a> at InfoWorld</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><a href="https://eapj.org/on-slippery-ice/" class="">On Slippery Ice</a> at EAPJ</div></div>
</div>
<br class=""></div></div></body></html>