How to query Spamhaus DNS blacklist from a droplet?
I want to set up a small mail server. I have got Postfix on Ubuntu working, but now I want to add some level of spam filtering using the zen.spamhaus.org DNS blacklist, and this is not working. The Spamhaus instructions suggest trying this command:
dig +short 126.96.36.199.zen.spamhaus.org
and if I run it on my droplet I get no answer. At home, using my ISP’s DNS server, I do get a reply, so Spamhaus is working fine, it’s the droplet’s resolver that’s not returning anything. The /etc/resolv.conf file includes Google’s public name servers:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 2001:4860:4860::8844 nameserver 2001:4860:4860::8888 nameserver 188.8.131.52
The Spamhaus instructions mention:
Check what DNS resolvers you are using: If you are using a free “open DNS resolver” service such as the Google Public DNS […] in most cases you will receive a “not listed” (NXDOMAIN) reply […] We recommend using your own DNS servers when doing DNSBL queries to Spamhaus.
Can I configure my droplet to use some DNS server that does return replies from zen.spamhaus.org?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×