matteocorti / nagios_plugins


Check_RBL false positives on different status results #94

Closed matteocorti closed 8 years ago

matteocorti commented 8 years ago

Original reporter: helpdesk@axoft.nl

Hello,

We are happily using the Check_Rbl plugin to monitor customers' servers for being blacklisted.

One thing we notice is that sometimes the plugin will report a server being positive on a blacklist while the server isn't actually listed on the blacklist, but was listed in the past.

At the moment we have it only with spam.dnsbl.sorbs.net. This list also contains servers which have been listed as spam some time ago. This server is on the old.spam.dnsbl.sorbs.net list which is part of the spam.dnsbl.sorbs.net list.

So the check_rbl against the spam.dnsbl.sorbs.net list will sometimes give a result of the server being listed and sometimes not being listed. The check is flapping between ok and critical because of this.

Can you have a look at this issue?

More information: http://www.sorbs.net/using.shtml

matteocorti commented 8 years ago

Original reporter: matteo@corti.li

Hi,

it is difficult to investigate the issue without additional data. I never saw the issue and I am not able to reproduce the problem.

Could you check what the output of the plugin is with the --verbose and --debug options?

Matteo

matteocorti commented 8 years ago

Original reporter: matteo@corti.li

Dear Peter

actually I get mixed results even by doing a simple DNS query for 101.65.201.188.spam.dnsbl.sorbs.net

I usually get no answer:

$ host 101.65.201.188.spam.dnsbl.sorbs.net
Host 101.65.201.188.spam.dnsbl.sorbs.net not found: 3(NXDOMAIN)

but from time to time I get a positive answer

$ host 101.65.201.188.spam.dnsbl.sorbs.net
101.65.201.188.spam.dnsbl.sorbs.net has address 127.0.0.6

This shows that the issue is not in the plugin.

I would suggest you use a small script to periodically check the status (using your DNS configuration).

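#!/bin/sh
# Query the RBL for one (already reversed) IP every INTERVAL seconds and
# append each answer, including resolver errors, to RESULTS.
REVERSED_IP=101.65.201.188
RBL=spam.dnsbl.sorbs.net
RESULTS=results.log
INTERVAL=10
while true ; do
    host "${REVERSED_IP}.${RBL}" >> "${RESULTS}" 2>&1
    sleep "${INTERVAL}"
done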

Some public DNS (e.g., Google) explicitly filter some RBLs.
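
To turn the results.log collected by the loop above into a flap count, the following sh/awk script is an added example (not part of the original thread or of check_rbl). The function names and the sample log are constructed for illustration; it treats any 127.x answer as listed, NXDOMAIN as not listed, and every other line as a resolver error that must not count as a delisting.

```shell
#!/bin/sh
# Added example: summarise a results.log written by the polling loop.

summarise_rbl_log() {
    # $1: log path. Prints one summary line with counts and return codes.
    awk '
        NF == 0 { next }
        / has address 127\./ { state = "listed"; listed++; codes[$NF]++ }
        /NXDOMAIN/           { state = "notlisted"; notlisted++ }
        # Timeouts, SERVFAIL etc. are counted but do not change the state.
        !/ has address 127\./ && !/NXDOMAIN/ { errors++; next }
        {
            # Count a flap whenever two consecutive valid answers differ.
            if (prev != "" && state != prev) flaps++
            prev = state
        }
        END {
            for (c in codes) {
                sep = (out == "" ? "" : ",")
                out = out sep c ":" codes[c]
            }
            printf "listed=%d notlisted=%d errors=%d flaps=%d codes=%s\n",
                   listed, notlisted, errors, flaps, (out == "" ? "-" : out)
        }
    ' "$1"
}

write_sample_log() {
    # Constructed sample in the format of the host output quoted above.
    cat > "$1" <<'EOF'
Host 101.65.201.188.spam.dnsbl.sorbs.net not found: 3(NXDOMAIN)
Host 101.65.201.188.spam.dnsbl.sorbs.net not found: 3(NXDOMAIN)
101.65.201.188.spam.dnsbl.sorbs.net has address 127.0.0.6
Host 101.65.201.188.spam.dnsbl.sorbs.net not found: 3(NXDOMAIN)
;; connection timed out; no servers could be reached
101.65.201.188.spam.dnsbl.sorbs.net has address 127.0.0.6
101.65.201.188.spam.dnsbl.sorbs.net has address 127.0.0.6
EOF
}

log=$(mktemp)
write_sample_log "$log"
summarise_rbl_log "$log"
rm -f "$log"
```

A non-zero flaps value with errors close to zero points at the list or resolver returning inconsistent answers rather than at the monitoring plugin.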