How to query Spamhaus DNS blacklist from a droplet?
I want to set up a small mail server. I have got Postfix on Ubuntu working, but now I want to add some level of spam filtering using the zen.spamhaus.org DNS blacklist, and this is not working. The Spamhaus instructions suggest trying this command:
dig +short 220.127.116.11.zen.spamhaus.org
and if I run it on my droplet I get no answer. At home, using my ISP's DNS server, I do get a reply, so Spamhaus is working fine; it's the droplet's resolver that's not returning anything. The /etc/resolv.conf file includes Google's public name servers:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 2001:4860:4860::8844
nameserver 2001:4860:4860::8888
nameserver 18.104.22.168
The Spamhaus instructions mention:
Check what DNS resolvers you are using: If you are using a free "open DNS resolver" service such as the Google Public DNS [...] in most cases you will receive a "not listed" (NXDOMAIN) reply [...] We recommend using your own DNS servers when doing DNSBL queries to Spamhaus.
Can I configure my droplet to use some DNS server that does return replies from zen.spamhaus.org?
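A diagnostic sketch for the situation described in the question, added here as an example and not part of the original post: it flags public resolvers in a resolv.conf, builds the DNSBL query name for an address, and interprets the answer. The function names, the resolver list and the sample file are assumptions made for illustration; the IPv6 name form and the 127.255.255.0/24 range that Spamhaus uses for error return codes go beyond the IPv4 case in the question.

```python
import ipaddress

# Well-known public resolver addresses (assumed list; extend as needed).
PUBLIC = {ipaddress.ip_address(a): owner for a, owner in {
    "8.8.8.8": "Google", "8.8.4.4": "Google",
    "2001:4860:4860::8888": "Google", "2001:4860:4860::8844": "Google",
    "1.1.1.1": "Cloudflare", "1.0.0.1": "Cloudflare", "9.9.9.9": "Quad9",
}.items()}
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")  # Spamhaus error codes

# Constructed sample in the shape of the resolv.conf from the question.
SAMPLE = """\
# Dynamic resolv.conf(5) file (constructed sample)
nameserver 2001:4860:4860::8844
nameserver 2001:4860:4860::8888
nameserver 127.0.0.1
"""

def public_resolvers(resolv_conf_text):
    """Return (address, owner) for each nameserver that is a known public resolver."""
    hits = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        try:
            addr = ipaddress.ip_address(fields[1].split("%", 1)[0])  # drop zone id
        except ValueError:
            continue  # malformed entry, ignore
        if addr in PUBLIC:
            hits.append((fields[1], PUBLIC[addr]))
    return hits

def dnsbl_query_name(ip, zone="zen.spamhaus.org"):
    """Build the DNSBL name: reversed octets (IPv4) or reversed nibbles (IPv6)."""
    addr = ipaddress.ip_address(ip)
    parts = str(addr).split(".") if addr.version == 4 else addr.exploded.replace(":", "")
    return ".".join(reversed(parts)) + "." + zone

def classify_answer(a_records):
    """Interpret the A records for a DNSBL query; an empty list means NXDOMAIN."""
    if not a_records:
        return "not listed (or filtered by the resolver)"
    if any(ipaddress.ip_address(a) in ERROR_NET for a in a_records):
        return "error code, not a listing"
    return "listed"

if __name__ == "__main__":
    print(public_resolvers(SAMPLE))
    print(dnsbl_query_name("127.0.0.2"))
```

Run against the real /etc/resolv.conf, any hit from `public_resolvers` points at the resolver rather than at Postfix or Spamhaus as the reason the lookup comes back empty.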