Closed nacho26 closed 4 years ago
I'm not sure that's correct. I have only found a document (can't find the link now, could be outdated) detailing the meaning of each response and there was no 127.0.2.255. Maybe it's actually intended to be 127.0.1.255, as it has a clear meaning irrespective of which list is being queried?
Here: https://docs.spamhaustech.com/10-data-type-documentation/datasets/040-zones.html
In my rspamd Installation I only see 127.0.1.255 answers from „normal“ spamhaus blacklist and that rspamd get an answer from zrd blacklist with 127.0.2.255 that’s not linked to a symbol. I change that setting in my system already and don’t get that message after the change for 127.0.1.255. I think it’s different in zrd and I’m sure that’s right. I thought this code came from spamhaus employees? Are you a spamhaus employe?
@nacho26 I see the same here. Also, always ZRD(0.00)
.
In my rspamd Installation I only see 127.0.1.255 answers from „normal“ spamhaus blacklist and that rspamd get an answer from zrd blacklist with 127.0.2.255 that’s not linked to a symbol. I change that setting in my system already and don’t get that message after the change for 127.0.1.255. I think it’s different in zrd and I’m sure that’s right. I thought this code came from spamhaus employees? Are you a spamhaus employe?
(I'm not a Spamhaus employee).
The official documentation doesn't ever mention 127.0.2.255. Neither does the Spamhaus-provided configuration for spamassassin. So to me it's clear that 127.0.1.255 is the response you get if you query for an IP in a (as in "any") blacklist that doesn't accept IPs, like ZRD.
But maybe you could just test it yourself by querying ZRD with an IP and seeing what the response is. I will test that when I can (this evening, CET).
I removed our Key:
dig 91.102.136.90.xxx.zrd.dq.spamhaus.net
;; QUESTION SECTION: ;91.102.136.90.xxx.spamhaus.net. IN A
;; ANSWER SECTION: 91.102.136.90.xxx.zrd.dq.spamhaus.net. 1 IN A 127.0.2.255
dig 91.102.136.90.xxx.dbl.dq.spamhaus.net
;; QUESTION SECTION: ;91.102.136.90.xxx.dbl.dq.spamhaus.net. IN A
;; ANSWER SECTION: 91.102.136.90.xxx.dbl.dq.spamhaus.net. 1 IN A 127.0.1.255
Thanks for testing! Hopefully there will be an official confirmation that the commit is correct, but I have applied to my local installation :)
I'm verifying this and will let you know
So, thanks for spotting this error. The correct return code for "don't query IPs" for ZRD is indeed 127.0.2.255. There was a documentation error by our side (now corrected: https://docs.spamhaustech.com/10-data-type-documentation/datasets/030-datasets.html#zrd)
Pull accepted
ZRD Returncode for DONT_QUERY_IPS is 127.0.2.255 not 127.0.1.255, right?