I have a lot of warnings like this below in my logs. Why is that and how can I correct this?

mail postfix/dnsblog[25349]: warning: dnsblog_query: lookup error for DNS query 161.170.123.180.zen.spamhaus.org: Host or domain name not found. Name service error for name=161.170.123.180.zen.spamhaus.org type=A: Host not found, try again

It also looks like the name resolving is just fine because:

# host 161.170.123.180.zen.spamhaus.org
;; connection timed out; no servers could be reached

but:

# host google.com
google.com has address 173.194.76.138
google.com has address 173.194.76.113
google.com has address 173.194.76.102
google.com has address 173.194.76.100
google.com has address 173.194.76.139
google.com has address 173.194.76.101
google.com has IPv6 address 2a00:1450:4007:814::200e
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
Kornel

1 Answer

Intro:

iRedMail is a collection of mail apps, one of which is Postfix which provides the SMTP functionality.

It's the Postfix part of it logging the message you see, so the answer is useful to Postfix users as well.

Problem:

This error can be produced by pointing your Postfix server(s) to public DNS servers to query Real Time Blackhole Lists and being blocked due to the high volume. Note that Wietse, the developer of Postfix, himself warns not to do this:

Maurizio Caloro:

You should not use public dns servers to query dnsbls as they are likely blocked due to excessive query volume at the dnsbl. Install and use a local resolver like unbound, knot, bind and use nameserver 127.0.0.1 in /etc/resolv.conf

root@nmail:/etc/postfix# cat /etc/resolv.conf
nameserver 127.0.0.1
nameserver 8.8.8.8 <<=== THIS IS A PUBLIC DNS SERVER

You should not use public dns servers to query dnsbls.

   Wietse

SOURCE: https://www.mail-archive.com/postfix-users@postfix.org/msg90746.html

Solution:

Set the DNS servers your Postfix server queries to non-public ones. Myself, I use the ISP's that are provided with my internet connection: these are queryable only by their own customers.

Or you could specify your own BIND servers, assuming they don't allow recursive queries from the 'net, if you run your own DNS infrastructure.

F1Linux
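A way to check a host for the misconfiguration described in the answer above, as an added example that is not part of the original post: it flags public resolvers in resolv.conf, builds the reversed-octet DNSBL name seen in the log line, and probes each nameserver with the DNSBL test entry 127.0.0.2. The function names and the list of public resolver addresses are constructed for illustration, and the 127.255.255.x meanings follow Spamhaus's published return codes.

```shell
#!/bin/sh
# Added example: check which resolvers a Postfix host uses for DNSBL lookups.

# Constructed, non-exhaustive list of well-known public resolver addresses.
PUBLIC_RESOLVERS="8.8.8.8 8.8.4.4 1.1.1.1 1.0.0.1 9.9.9.9 208.67.222.222 208.67.220.220"

# Print "<address> PUBLIC|ok" for every nameserver line in a resolv.conf file.
audit_resolv_conf() {
    awk -v pub="$PUBLIC_RESOLVERS" '
        BEGIN { n = split(pub, a, " "); for (i = 1; i <= n; i++) is_pub[a[i]] = 1 }
        $1 == "nameserver" { print $2, (($2 in is_pub) ? "PUBLIC" : "ok") }
    ' "$1"
}

# DNSBL query name for an IPv4 address: octets reversed, zone appended.
dnsbl_name() {
    echo "$1" | awk -F. -v zone="$2" '{ print $4 "." $3 "." $2 "." $1 "." zone }'
}

# Interpret the A record(s) a DNSBL returned (empty string = NXDOMAIN).
classify_answer() {
    case "$1" in
        "")                echo "not-listed" ;;
        *127.255.255.254*) echo "refused-public-resolver" ;;
        *127.255.255.255*) echo "refused-excessive-queries" ;;
        *127.0.0.*)        echo "listed" ;;
        *)                 echo "unexpected" ;;
    esac
}

# Live check (needs dig and network access): look up the DNSBL test entry
# 127.0.0.2 through each configured nameserver. A healthy path says "listed".
check_resolvers() {
    conf=${1:-/etc/resolv.conf}
    zone=${2:-zen.spamhaus.org}
    name=$(dnsbl_name 127.0.0.2 "$zone")
    audit_resolv_conf "$conf" | while read -r ns verdict; do
        if answer=$(dig +short +time=3 +tries=1 "@$ns" "$name" A 2>/dev/null); then
            echo "$ns ($verdict): $(classify_answer "$answer")"
        else
            echo "$ns ($verdict): lookup-failed"
        fi
    done
}
```

Source the file and run `check_resolvers` on the mail host; any nameserver reported as PUBLIC, refused or lookup-failed is one Postfix should not be using for DNSBL queries.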