Seeing the "URIBL_BLOCKED" rule being hit every once in a while in the Syslog...

diamondcomputer · May 8, 2024

Good afternoon all.

We've recently set up a new Proxmox Email Gateway server and have been pretty impressed so far with all it can do to curb the spam flow to our mail servers. Watching the Syslog feed for a while today I noticed several "URIBL_BLOCKED" messages, which seems strange to me as our mail volume isn't heavy and I have set up and am exclusively using the local unbound DNS server for resolution. It's not consistently being blocked, but I'd still love to chase down the reason why it is every once in a while.

Does anyone know what the threshold is for "too many" queries?

Thanks!

Phil D. Malmstrom
Diamond Computer Incorporated

mbrother · May 20, 2024

Hi,

What's the result when run this command on your server?

Code:

host -tTXT 2.0.0.127.multi.uribl.com

Stoiko Ivanov · May 22, 2024

diamondcomputer said:
URIBL_BLOCKED"

diamondcomputer said:
nd I have set up and am exclusively using the local unbound DNS server for resolution.

just to be on the safe side - is the local unbound:
* really resolving everything by itself (no forward DNS server configured)?
* not shared with any other system (no other system has PMG's IP as DNS server)
* not sharing the public IP with another DNS server which also does DNSBL lookups?

else could you please share some logs of such mails - maybe we see something else there

Search

Search

Seeing the "URIBL_BLOCKED" rule being hit every once in a while in the Syslog...

diamondcomputer

New Member

mbrother

Member

Stoiko Ivanov

Proxmox Staff Member