Majik Posted April 30, 2004 Share Posted April 30, 2004 I am trying to setup my mail servers to use bl.spamcop.net, but I need to request a firewall exemption so that I can make a request on port 53 to bl.spamcop.net. The problem is, I cannot get an IP address for this. (Tried several different nslookups on different servers on the internet) Can you provide an IP address that I can add to the firewall so that I can use your service? Link to comment Share on other sites More sharing options...
Spambo Posted April 30, 2004 Share Posted April 30, 2004 Since the ".bl" doesn't indicate a sub-domain (it is a part of the lookup query string) the IP is the same as spamcop.net - which is subject to change at any time a DDoS attack starts up. If you can resolve spamcop.net you can resolve any SCBL lookup. To test it try doing a lookup for 127.0.0.2 (2.0.0.127.bl.spamcop.net) you should receive a positive response (which is 127.0.0.2). Then try a lookup for 127.0.0.1 (1.0.0.127.bl.spamcop.net), you should get a failure to resolve. Link to comment Share on other sites More sharing options...
Majik Posted April 30, 2004 Author Share Posted April 30, 2004 Then maybe I've misunderstood this whole time. Here is my problem, and you can tell me if I have a problem. My DNS points to another DNS inside the firewall which points to an external DNS outside the firewall. I had always assumed that my mail server would make a direct dns request to the blacklist server, but it appears that isn't the case. So, according to your post, if the one worked (and it did) then I should be fine and won't need any holes on port 53 opened in my firewall? Link to comment Share on other sites More sharing options...
Wazoo Posted April 30, 2004 Share Posted April 30, 2004 DNS = Domain Name Server my DNS = ? I'll guess you mean your table entry for where the DNS is ?? DNS inside firewall = ? I'll guess something like pointing to your "gateway" ??? DNS outside firewall = ? maybe "the" DNS actually being used ?? You input a URL into your browser / tool / whatever ... local cache looked at to get an IP ... local cache says 'I don't know" .. so DNS query goes one level up .. that DNS says "I don't know" .. so DNS query gets passed up one more level ... rinse and repeat until satisfied ... if you're pointing your computer to your gateway system, firewall hasn't been touched yet .... one would have to calculate that the gateway computer already has the firewall hole opened up to do DNS query, else all users behind the firewall would be bitching about "can't get to any web pages" .. "my e-mail doesn't work" .. etc ... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.