Update rbl.conf

[nacho26]

ZRD Returncode for DONT_QUERY_IPS is 127.0.2.255 not 127.0.1.255, right?

[reinob]

I'm not sure that's correct. I have only found a document (can't find the link now, could be outdated) detailing the meaning of each response and there was no 127.0.2.255. Maybe it's actually intended to be 127.0.1.255, as it has a clear meaning irrespective of which list is being queried?

Here: https://docs.spamhaustech.com/10-data-type-documentation/datasets/040-zones.html

[nacho26]

In my rspamd Installation I only see 127.0.1.255 answers from „normal“ spamhaus blacklist and that rspamd get an answer from zrd blacklist with 127.0.2.255 that’s not linked to a symbol. I change that setting in my system already and don’t get that message after the change for 127.0.1.255. I think it’s different in zrd and I’m sure that’s right. I thought this code came from spamhaus employees? Are you a spamhaus employe?

[HansVanEijsden]

@nacho26 I see the same here. Also, always ZRD(0.00).

[reinob]

In my rspamd Installation I only see 127.0.1.255 answers from „normal“ spamhaus blacklist and that rspamd get an answer from zrd blacklist with 127.0.2.255 that’s not linked to a symbol. I change that setting in my system already and don’t get that message after the change for 127.0.1.255. I think it’s different in zrd and I’m sure that’s right. I thought this code came from spamhaus employees? Are you a spamhaus employe?

(I'm not a Spamhaus employee).

The official documentation doesn't ever mention 127.0.2.255. Neither does the Spamhaus-provided configuration for spamassassin. So to me it's clear that 127.0.1.255 is the response you get if you query for an IP in a (as in "any") blacklist that doesn't accept IPs, like ZRD.

But maybe you could just test it yourself by querying ZRD with an IP and seeing what the response is. I will test that when I can (this evening, CET).

[nacho26]

I removed our Key:

dig 91.102.136.90.xxx.zrd.dq.spamhaus.net

;; QUESTION SECTION: ;91.102.136.90.xxx.spamhaus.net. IN A

;; ANSWER SECTION: 91.102.136.90.xxx.zrd.dq.spamhaus.net. 1 IN A 127.0.2.255

---

dig 91.102.136.90.xxx.dbl.dq.spamhaus.net

;; QUESTION SECTION: ;91.102.136.90.xxx.dbl.dq.spamhaus.net. IN A

;; ANSWER SECTION: 91.102.136.90.xxx.dbl.dq.spamhaus.net. 1 IN A 127.0.1.255

[reinob]

Thanks for testing! Hopefully there will be an official confirmation that the commit is correct, but I have applied to my local installation :)

[ricalfieri]

I'm verifying this and will let you know

[ricalfieri]

So, thanks for spotting this error. The correct return code for "don't query IPs" for ZRD is indeed 127.0.2.255. There was a documentation error by our side (now corrected: https://docs.spamhaustech.com/10-data-type-documentation/datasets/030-datasets.html#zrd)

Pull accepted