
discuss - Re: [opennic-discuss] letit2 [.] bit blacklist

  • From: Al Beano <albino AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] letit2 [.] bit blacklist
  • Date: Wed, 02 Aug 2017 21:16:09 +0100

Why does it matter? Spamhaus can make as many lists as they want, OpenNIC
doesn't answer to them.

If they're going to do this, I think it's best to concede that you can't run
DNS and mail on a single server — I'd rather that than be bullied by

On 2 August 2017 18:44:15 BST, Jeff Taylor <shdwdrgn AT> wrote:
>I received complaints today that outgoing emails are getting blocked by
>Spamhaus SBL due to resolving tehnomix.bit. The block is on a single IP
>address with a /32 mask, so damage is limited but unfortunately still
>causing a problem. For now this domain has been blackholed into
> Anyone using will be affected by
>
>Checking my logs, I've had 301,958 lookups on my servers in the past
>11.5 hours. Apparently I screwed something up with my new internet
>connection because my servers are supposed to require whitelisting but
>they are answering all queries... gonna have to fix that!
>
>Also of note... since the block is for a single IP address, I believe
>the issue is that the DNS server is on the same IP as my mail server.
>Unlike the others here, I did NOT receive any notice from Spamhaus
>regarding being blocked.
>
>Now for anyone else in a bind that needs to blackhole a specific domain
>name under BIND9, the process is fairly simple, but as mentioned
>previously you want to be open about any such changes you make to
>OpenNIC servers, and any such blocking is typically not allowed under
>OpenNIC rules...
>
>First you want to create a zone file to handle generic entries:
>
>-- db.blacklisted --
>; Blacklisted domains that should be blocked from resolving
>$TTL 3600
>@ IN SOA hostmaster (
> 2017080200 ; serial
> 3600 ; refresh
> 180 ; retry
> 86400 ; expire
> 3600 ; default TTL
> )
> IN A
>* IN A
> IN AAAA ::1
>* IN AAAA ::1
>
>Next you need a config file for BIND9 to handle the entries:
>
>-- /etc/bind/named.blacklisted --
>zone "letit2.bit" {type master; file "/path/to/db.blacklisted";};
>zone "tehnomix.bit" {type master; file "/path/to/db.blacklisted";};
>
>And finally, add an include to your named.conf:
>
>include "/etc/bind/named.blacklisted";
>
>Reload BIND, and check to see the results:
>
># dig tehnomix.bit @localhost
>tehnomix.bit. 3600 IN A
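
An added example, not part of the original messages: a POSIX shell generator for the `named.blacklisted` include described in the quoted procedure, which goes beyond the two hand-written stanzas by validating every list entry before it reaches named.conf. The function names and the one-name-per-line list format are assumptions; `ZONE_DB` is the placeholder path from the message.

```shell
#!/bin/sh
# Added example: build /etc/bind/named.blacklisted from a list of names.
LC_ALL=C; export LC_ALL
ZONE_DB="/path/to/db.blacklisted"   # placeholder path, as in the message

# Print the canonical form of $1, or fail if it is not a plain multi-label
# hostname. Rejecting quotes, semicolons and whitespace keeps a list entry
# from closing the quoted zone "..." string and adding named.conf statements.
normalize_domain() {
    name=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    name=${name%.}                                  # drop the root dot
    [ "${#name}" -le 253 ] || return 1
    case $name in *[!a-z0-9.-]*) return 1 ;; esac   # allow-list of characters
    # Labels of 1-63 chars with no leading/trailing hyphen, and at least two
    # labels so a bare "bit" cannot blackhole the whole TLD.
    printf '%s\n' "$name" | grep -Eqx \
        '([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?' \
        || return 1
    printf '%s\n' "$name"
}

# Read one name per line on stdin ('#' comments and blank lines are skipped),
# write one zone stanza per unique valid name to stdout, report rejects on
# stderr, and return 1 if any line was rejected.
gen_blacklist_conf() {
    seen=" "; rc=0
    while read -r dom rest || [ -n "$dom" ]; do
        case $dom in ''|'#'*) continue ;; esac
        case $rest in ''|'#'*) ;; *) dom="$dom $rest" ;; esac  # extra words
        if ! name=$(normalize_domain "$dom"); then
            printf 'rejected: %s\n' "$dom" >&2; rc=1; continue
        fi
        case $seen in *" $name "*) continue ;; esac            # duplicate
        seen="$seen$name "
        printf 'zone "%s" {type master; file "%s";};\n' "$name" "$ZONE_DB"
    done
    return "$rc"
}

# Constructed sample input: the two names from the thread, a duplicate, a
# bare TLD and an entry containing a quote; the last two are rejected.
printf '%s\n' 'letit2.bit' 'TEHNOMIX.bit.' 'letit2.bit' 'bit' 'x.bit";};' |
    gen_blacklist_conf || echo 'some entries were rejected' >&2
```

Write the output to a temporary file and run `named-checkconf` on it before replacing the include and reloading.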
