This article applies to:
- Trustwave MailMarshal/SEG
- Spamhaus reputation service (DNS block list)
Symptoms:
- Rules using the Spamhaus service block every message, even though the sources are not listed.
- Rules using the Spamhaus service do not block any messages, but a manual lookup using the Spamhaus lookup tool shows the IP addresses of message sources are listed.
Causes:
- Spamhaus lookups fail if you directly use a public DNS server such as Google (8.8.8.8) in MailMarshal.
Details:
See the Spamhaus FAQ page, and in particular note the following response:
Check what DNS resolvers you are using: If you are using a free "open DNS resolver" service such as the Google Public DNS or large cloud/outsourced public DNS servers, such as Level3's or Verizon's, to resolve your DNSBL requests, in most cases you will receive a "not listed" (NXDOMAIN) reply from Spamhaus' public DNSBL servers. We recommend using your own DNS servers when doing DNSBL queries to Spamhaus.
Resolution:
Configure MailMarshal/SEG to use a local DNS server.
- Trustwave has always recommended use of a local DNS server as best practice for responsiveness in mail delivery and other lookups.
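To confirm that the DNS server in use returns usable Spamhaus answers, the following added example (not from Trustwave or Spamhaus) queries the always-listed test entry 127.0.0.2 and classifies the reply. The function names are hypothetical, the error return codes are an assumption taken from Spamhaus's published return-code documentation rather than from this article, and the lookup uses the operating system's resolver, which is assumed to be the same DNS server MailMarshal/SEG is configured to use.

```python
import ipaddress
import socket

# Spamhaus error return codes: answers, but not listings (assumption: taken
# from Spamhaus's published return-code documentation, not from this article).
ERROR_CODES = {
    "127.255.255.252": "typing error in the DNSBL zone name",
    "127.255.255.254": "query arrived via a public/open resolver",
    "127.255.255.255": "excessive number of queries",
}
TEST_IP = "127.0.0.2"  # RFC 5782 test entry: every IPv4 DNSBL lists it


def dnsbl_query_name(ip, zone="zen.spamhaus.org"):
    """Reverse the IPv4 octets and append the zone name."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def classify(answers):
    """Interpret the A records of a DNSBL reply; [] means NXDOMAIN."""
    if not answers:
        return "not_listed", "NXDOMAIN"
    for addr in answers:
        if addr in ERROR_CODES:
            return "error", ERROR_CODES[addr]
        if not addr.startswith("127."):
            return "error", "non-DNSBL answer " + addr
    return "listed", ",".join(sorted(answers))


def system_lookup(name):
    """Resolve through the operating system's configured DNS servers."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:  # NXDOMAIN and resolver failures both land here
        return []


def resolver_health(lookup=system_lookup, zone="zen.spamhaus.org"):
    """Only a 'listed' reply for the test entry means lookups can be trusted."""
    verdict, detail = classify(lookup(dnsbl_query_name(TEST_IP, zone)))
    return ("ok" if verdict == "listed" else "broken"), verdict, detail


if __name__ == "__main__":
    print(resolver_health())
```

A `not_listed` verdict for the test entry matches the second symptom (listed sources pass). An `error` verdict matches the first symptom when a rule treats any returned address as a listing.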