Trying to create a manually updated RBL on Windows 2000 DNS

Archived from groups: microsoft.public.win2000.dns

I have to admit that I have no idea how to create a realtime black list or
what an RBL really is.

I have done the following:

Part 1
1) Set up DNS on a standalone 2000 server
2) Create a Forward Zone and name it say, "blackhole"
3) Download a zone list from the www.blackholes.us
4) Update the entries into c:\winnt\system32\dns\blackhole.dns according to
the list by a simple cut and paste
5) Refresh the zone
6) Everything looks good

Part 2
1) Update my email software, which was previously working with 3 other public
rbl lists
2) remove 1 least-used public list and add my DNS (the same computer so I
just type in 127.0.0.1)
3) unblock (by name) certain rubbish mail whose IPs I am sure are on my
new DNS

.... and this rubbish mail gets through, ignoring my new settings

Now suppose that I did not do anything wrong in Part 2.

Question

1) Am I an idiot to assume the "RBL based on DNS theory" is equal to "RBL is
the same as DNS servicing different clients"?
2) Did I do something wrong in Part 1?
3) Any information you can point me to, related to RBL and Windows DNS, that
does NOT involve Exchange server?

Many many thanks,
Jeremy
  1.

    "Jeremy Sun" <binmann@hotmail.com> wrote in message
    news:uI9BFmwRFHA.3496@TK2MSFTNGP12.phx.gbl...
    > I have to admit that I have no idea how to create a realtime black list or
    > what an RBL really is.

    Then you probably do NOT want to "create" one but
    rather use an existing one.

    While it is possible to create your own, you will likely
    do better by using a (semi-)professionally maintained
    list (or multiple lists.)

    > I have done the following:
    >
    > Part 1
    > 1) Set up DNS on a standalone 2000 server
    > 2) Create a Forward Zone and name it say, "blackhole"

    Ok, but a more normal name would be Blackhole.local
    or even RBL.YourDomain.Com (a child of some other
    domain)

    > 3) Download a zone list from the www.blackholes.us

    > 4) Update the entries into c:\winnt\system32\dns\blackhole.dns according to
    > the list by a simple cut and paste
    > 5) Refresh the zone
    > 6) Everything looks good

    Then you do know how to create one <grin>

    > Part 2
    > 1) Update my email software, which was previously working with 3 other public
    > rbl lists
    > 2) remove 1 least-used public list and add my DNS (the same computer so I
    > just type in 127.0.0.1)

    No, you need to add that ZONE-domain name you used
    above (BlackHole or a better name as per my suggestion).

    The SMTP software will look up the IP + .ZoneName

    And if this zone you created is NOT properly delegated
    on the Internet/internetwork (like your BlackHole and
    my example blackhole.local) then you must ensure that
    your SMTP server uses the same DNS as holds the zone
    (or one that will find the zone through delegation, forwarding,
    etc.)

    > 3) unblock (by name) certain rubbish mail whose IPs I am sure are on my
    > new DNS

    I don't understand why you would "unblock ... rubbish" and not
    the other way around, e.g., unblock good stuff, or block rubbish.

    > ... and these rubbish mail get through, ignoring my new settings

    Normally the presence of the record in the blackhole
    list is what causes your SMTP to block it. (This depends
    a BIT on the address-type of record and how sophisticated your
    SMTP is.)

    > Now suppose that I did not do anything wrong in Part 2.

    Actually it is part 2 where you made at least one mistake
    and may have that other (unblock) misunderstanding.

    > Question
    >
    > 1) Am I an idiot to assume the "RBL based on DNS theory" is equal to "RBL is
    > the same as DNS servicing different clients"?

    If I understood the above sentence I might be able to
    answer <grin>.

    But taking a guess and cleaning it up a bit: RBL is based
    on DNS theory, but uses DNS in ways that are not common
    outside of RBL, perfectly legal ways, but nevertheless quite
    odd from a "classical DNS perspective."

    The same can be said for Active Directory and DNS if you
    take out the word "quite" and put in "a bit" (uncommon that is.)

    > 2) Did I do something wrong in Part 1?

    Probably not other than choosing a poor zone name
    which may lead to misunderstandings AND the actual
    error in part 2.

    > 3) Any information you can point me to, related to RBL and Windows DNS, that
    > does NOT involve Exchange server?

    Why are you trying to run your "own RBL zone"?

    Seriously, to make this work you will have to do
    constant work on it.

    I would understand better if you were just going to
    add a FEW additional blocks that don't already
    appear in your other (commercial/public) RBL
    zones.

    > Many many thanks,
    > Jeremy
  2.

    Still not working after making changes.


    > While it is possible to create your own, you will likely
    > do better by using a (semi-)professionally maintained
    > list (or multiple lists.)

    I want to block some IP addresses. I figured having a semi-permanent IP
    blocking list is a better idea than our current "sender name" blocking list,
    which is going over 6000 items while many of them are simply spoofed names.

    > > I have done the following:
    > >
    > > Part 1
    > > 1) Set up DNS on a standalone 2000 server
    > > 2) Create a Forward Zone and name it say, "blackhole"
    >
    > Ok, but a more normal name would be Blackhole.local
    > or even RBL.YourDomain.Com (a child of some other
    > domain)

    A good point. Actually I changed the zone name to the computer name (say,
    let it be "ComputerName" for later reference) and made sure that when I
    nslookup, say, IPd.IPc.IPb.IPa.ComputerName, I get a good reply from the
    smtp server. I have added a computerName.local zone. However, when I tried to
    ping computerName.local I got an unknown-computer reply. I guess it is
    something to do with the difference between Windows and Unix/Linux.

    > > 3) Download a zone list from the www.blackholes.us
    >
    > > 4) Update the entries into c:\winnt\system32\dns\blackhole.dns according to
    > > the list by a simple cut and paste
    > > 5) Refresh the zone
    > > 6) Everything looks good

    > Then you do know how to create one <grin>

    It is good to know that I have done the right thing.

    > > Part 2
    > > 1) Update my email software, which was previously working with 3 other public
    > > rbl lists
    > > 2) remove 1 least-used public list and add my DNS (the same computer so I
    > > just type in 127.0.0.1)
    >
    > No, you need to add that ZONE-domain name you used
    > above (BlackHole or a better name as per my suggestion).

    Just did that. I put in "ComputerName".

    > The SMTP software will look up the IP + .ZoneName
    >
    > And if this zone you created is NOT properly delegated
    > on the Internet/internetwork (like your BlackHole and
    > my example blackhole.local) then you must ensure that
    > your SMTP server uses the same DNS as holds the zone
    > (or one that will find the zone through delegation, forwarding,
    > etc.)

    No. They aren't using the same DNS, but since I can nslookup entries from the
    rbl I guess it is ok.

    > > 3) unblock (by name) certain rubbish mail whose IPs I am sure are on my
    > > new DNS
    >
    > I don't understand why you would "unblock ... rubbish" and not
    > the other way around, e.g., unblock good stuff, or block rubbish.

    I didn't make myself clear. I stopped the "sender name" blocking list so that
    rubbish mail will be tested against the new rbl.

    ..
    ..
    ..

    > If I understood the above sentence I might be able to
    > answer <grin>.
    >
    > But taking a guess and cleaning it up a bit: RBL is based
    > on DNS theory, but uses DNS in ways that are not common
    > outside of RBL, perfectly legal ways, but nevertheless quite
    > odd from a "classical DNS perspective."
    >
    > The same can be said for Active Directory and DNS if you
    > take out the word "quite" and put in "a bit" (uncommon that is.)

    It was simply that I had no idea what an rbl is. I was not sure that I could
    use a normal DNS to build up an rbl. Now I do.

    > > 2) Did I do something wrong in Part 1?
    >
    > Probably not other than choosing a poor zone name
    > which may lead to misunderstandings AND the actual
    > error in part 2.

    Mmmmm... Now I got that fixed and something is still going wrong.

    > > 3) Any information you can point me to, related to RBL and Windows DNS, that
    > > does NOT involve Exchange server?
    >
    > Why are you trying to run your "own RBL zone"?
    >
    > Seriously, to make this work you will have to do
    > constant work on it.

    I am already doing constant work on it... updating sender blocking list,
    man...

    Some IPs definitely need to be blocked. You know, these spammers coming
    from China are just crazy, but I can't simply block the whole damn thing.

    > I would understand better if you were just going to
    > add a FEW additional blocks that don't already
    > appear in your other (commercial/public) RBL
    > zones.

    I am trying to block gmail. I figured no one from my domain receives any
    mail from gmail (yet), so I use my gmail account as my testing subject.

    I will summarise my information below:

    1) Windows 2000 standalone server with latest everything hot-fixed
    2) the same server has an SMTP service with built-in spam detection / support
    such as sender name blocking and rbl support
    3) using another DNS on the network, before and after the rbl is setup.
    4) I have this new rbl / dns setup in the same server.
    5) rbl / dns zone name "ComputerName"
    6) smtp rbl settings point to "ComputerName"
    7) not working

    Any more clue?
  3.

    "Jeremy Sun" <binmann@hotmail.com> wrote in message
    news:#XSWefUSFHA.3336@TK2MSFTNGP10.phx.gbl...
    > Still not working after making changes.

    Then you have likely done something wrong
    in the zone configuration (based on your first
    message.)

    > > While it is possible to create your own, you will likely
    > > do better by using a (semi-)professionally maintained
    > > list (or multiple lists.)
    >
    > I want to block some IP addresses. I figured having a semi-permanent IP
    > blocking list is a better idea than our current "sender name" blocking list,
    > which is going over 6000 items while many of them are simply spoofed names.

    If you want to block IP addresses, you can just do that
    with a filter like IPSec and your SMTP server will never
    even see the connect request.

    The main point of RBL is the "real time" -- it's that someone
    is maintaining these lists on at least a day-to-day basis.


    > > > I have done the following:
    > > >
    > > > Part 1
    > > > 1) Set up DNS on a standalone 2000 server
    > > > 2) Create a Forward Zone and name it say, "blackhole"
    > >
    > > Ok, but a more normal name would be Blackhole.local
    > > or even RBL.YourDomain.Com (a child of some other
    > > domain)
    >
    > A good point. Actually I changed the zone name to the computer name (say,
    > let it be "ComputerName" for later reference)

    Probably not a great name choice either.
    Did you name it "computer" (single tag) or "computer.domain.com"?

    Does the computer and especially the SMTP server use
    this same machine for its DNS server?

    If not, you must properly delegate the created zone
    to this machine so that it will be found.


    > and made sure that when I
    > nslookup, say, IPd.IPc.IPb.IPa.ComputerName,

    Why are you doing d->a, instead of a-d?

    This is NOT a reverse zone.

    Only reverse zones reverse the octets (for delegation
    reasons.)

    Some SMTP servers have a configuration for DNS
    separate from the machine on which they run; check
    to make sure your SMTP server is using the same
    DNS as the NSLookup command is using.

    > I have a good reply from the
    > smtp server. I have added a computerName.local zone.

    Then you would have to put the names (IPs) in there
    and tell the SMTP server to use "computername.local"
    as its RBL.

    If the zone is named "something.whatever" you tell
    the SMTP server precisely that.

    > However, when I tried to
    > ping computerName.local I got an unknown-computer reply.

    There would need to be an A record for that
    name in order to ping it (or a CNAME pointing
    to an A-record with an IP.)

    > I guess it is
    > something to do with the difference between Windows and Unix/Linux.

    No, for the most part DNS is DNS.

    (They have some different special features on the
    two OSes, but the basic functionality and the concepts
    are the same.)

    So far, I haven't asked you which you are using since
    it didn't matter to the answers I am giving you.

    You don't seem to have some misconceptions
    about zones and formatting the correct records
    in those zone.

    > > > 3) Download a zone list from the www.blackholes.us
    > >
    > > > 4) Update the entries into c:\winnt\system32\dns\blackhole.dns according to
    > > > the list by a simple cut and paste
    > > > 5) Refresh the zone
    > > > 6) Everything looks good
    >
    > > Then you do know how to create one <grin>
    >
    > It is good to know that I have done the right thing.

    Well, your note indicated that you couldn't create
    the zone but #6 says everything looks good.


    > > > Part 2
    > > > 1) Update my email software, which was previously working with 3 other public
    > > > rbl lists
    > > > 2) remove 1 least-used public list and add my DNS (the same computer so I
    > > > just type in 127.0.0.1)
    > >
    > > No, you need to add that ZONE-domain name you used
    > > above (BlackHole or a better name as per my suggestion).
    >
    > Just did that. I put in "ComputerName".

    So you have a zone, the SMTP server can use "its" DNS
    server (which may not be the same one) to find this zone.

    The zone is listed in the SMTP server.

    The zone contains A records with numbers like 127.0.0.1 etc.
    (there are conventions for different values 1, 2, 3, etc.)

    Those A records are the regular IP prefixed onto the zone
    name.


    > > The SMTP software will look up the IP + .ZoneName
    > >
    > > And if this zone you created is NOT properly delegated
    > > on the Internet/internetwork (like your BlackHole and
    > > my example blackhole.local) then you must ensure that
    > > your SMTP server uses the same DNS as holds the zone
    > > (or one that will find the zone through delegation, forwarding,
    > > etc.)
    >
    > No. They aren't using the same DNS, but since I can nslookup entries from the
    > rbl I guess it is ok.

    But you may have a separate DNS setting for the
    SMTP server (some do for efficiency.)

    > > > 3) unblock (by name) certain rubbish mail whose IPs I am sure are on my
    > > > new DNS
    > >
    > > I don't understand why you would "unblock ... rubbish" and not
    > > the other way around, e.g., unblock good stuff, or block rubbish.
    >
    > I didn't make myself clear. I stopped the "sender name" blocking list so that
    > rubbish mail will be tested against the new rbl.

    Oh, that makes sense. You removed some other filters
    you were using -- filters unrelated to the RBL to test
    the RBL.

    > > If I understood the above sentence I might be able to
    > > answer <grin>.
    > >
    > > But taking a guess and cleaning it up a bit: RBL is based
    > > on DNS theory, but uses DNS in ways that are not common
    > > outside of RBL, perfectly legal ways, but nevertheless quite
    > > odd from a "classical DNS perspective."
    > >
    > > The same can be said for Active Directory and DNS if you
    > > take out the word "quite" and put in "a bit" (uncommon that is.)
    >
    > It was simply that I had no idea what an rbl is. I was not sure that I could
    > use a normal DNS to build up an rbl. Now I do.

    Yes. You did. It is just a DNS with specially populated
    zones.

    > > > 2) Did I do something wrong in Part 1?
    > >
    > > Probably not other than choosing a poor zone name
    > > which may lead to misunderstandings AND the actual
    > > error in part 2.
    >
    > Mmmmm... Now I got that fixed and something is still going wrong.

    I think you reversed the IP -- probably thinking of
    reverse zones.

    > > > 3) Any information you can point me to, related to RBL and Windows DNS, that
    > > > does NOT involve Exchange server?
    > >
    > > Why are you trying to run your "own RBL zone"?
    > >
    > > Seriously, to make this work you will have to do
    > > constant work on it.
    >
    > I am already doing constant work on it... updating sender blocking list,
    > man...

    IPSec can block more effectively if you don't
    wish to receive ANY (SMTP) traffic from them.

    Why more effective? Your SMTP server will never
    get the connection.

    Your IPSec software will reject (actually IGNORE it)
    immediately.


    > Some IPs definitely need to be blocked. You know, these spammers coming
    > from China are just crazy, but I can't simply block the whole damn thing.

    Right. IPSec can block on single IPs or class size ranges.

    > > I would understand better if you were just going to
    > > add a FEW additional blocks that don't already
    > > appear in your other (commercial/public) RBL
    > > zones.
    >
    > I am trying to block gmail. I figured no one from my domain receives any
    > mail from gmail (yet), so I use my gmail account as my testing subject.

    I use and send from Gmail. So does my wife.

    GMail cannot be near the problem that Hotmail is.
    (most of the early users had to obtain an invitation.)

    > I will summarise my information below:
    >
    > 1) Windows 2000 standalone server with latest everything hot-fixed
    > 2) the same server has an SMTP service with built-in spam detection / support
    > such as sender name blocking and rbl support
    > 3) using another DNS on the network, before and after the rbl is setup.

    What does the above mean? "using Another DNS"?

    You have to use the one with the RBL list OR the one
    you use must be able to FIND the DNS server with that
    RBL zone.

    > 4) I have this new rbl / dns setup in the same server.

    Ok, then you have your machine OR SMTP server itself
    pointed strictly at the "same server" for DNS.

    > 5) rbl / dns zone name "ComputerName"
    > 6) smtp rbl settings point to "ComputerName"
    > 7) not working


    > Any more clue?

    Give me some examples of the addresses you wish to
    block and the records you put into the zone?
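The lookup this answer describes (the connecting IP prefixed onto the zone name, and an A record in 127.0.0.0/8 meaning "listed"), as an added example that is not code from the thread or from any mail or DNS product mentioned in it. One correction to the advice above: DNSBL clients do reverse the octets, exactly as the poster's later nslookup of 201.184.233.64.ComputerName.DomainName shows, even though the zone is a forward zone (RFC 5782 describes the convention). The zone name computer.domain.org and the address 64.233.184.201 are taken from later posts; the meanings assigned to 127.0.0.3 and 127.0.0.4 are one common convention and an assumption here; the fake resolver table is constructed sample data so the script runs offline, in place of the operating-system resolver that a real SMTP server uses and that must be able to reach the server holding the zone.

```python
"""DNSBL client check of the kind the thread's SMTP server performs.

Added example; not code from the thread or from any product named in it.
Assumptions: the zone name computer.domain.org and the address
64.233.184.201 come from later posts; RETURN_CODES beyond 127.0.0.2 is one
common convention, not a standard; FAKE_ZONE is constructed sample data so
the script runs offline (a real SMTP server uses the OS resolver, here the
default socket.gethostbyname, which must reach the server that holds the
zone, either by being that server or through delegation or forwarding).
"""
import ipaddress
import socket

LOOPBACK = ipaddress.IPv4Network("127.0.0.0/8")

# 127.0.0.2 is the generic "listed" answer (RFC 5782); the finer codes are an
# assumption modelled on what several public lists do, not the thread's data.
RETURN_CODES = {
    "127.0.0.2": "listed",
    "127.0.0.3": "listed: open relay",
    "127.0.0.4": "listed: dynamic/dial-up address",
}


def dnsbl_query_name(client_ip, zone):
    """Name the SMTP server queries: octets reversed, then the zone name.

    64.233.184.201 + computer.domain.org -> 201.184.233.64.computer.domain.org
    """
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")  # rejects junk
    return ".".join(reversed(octets)) + "." + zone.strip(".")


def dnsbl_lookup(client_ip, zones, resolve=socket.gethostbyname):
    """Return (zone, answer, meaning) for the first zone listing client_ip,
    or None if no zone lists it.

    NXDOMAIN (gaierror) means "not listed" in that zone. An answer outside
    127.0.0.0/8 is also treated as "not listed": a list whose domain has
    lapsed and been re-registered can answer every name with a parking
    address, which would otherwise make the server reject all mail.
    """
    for zone in zones:
        name = dnsbl_query_name(client_ip, zone)
        try:
            answer = resolve(name)
        except (socket.gaierror, socket.herror):
            continue
        if ipaddress.IPv4Address(answer) in LOOPBACK:
            return zone, answer, RETURN_CODES.get(answer, "listed: unknown code")
    return None


# Constructed sample data standing in for the DNS server in the thread.
FAKE_ZONE = {
    "201.184.233.64.computer.domain.org": "127.0.0.2",
    "1.2.0.192.dead.example": "198.51.100.1",  # a lapsed list answering a public IP
}


def fake_resolve(name):
    """Offline stand-in for socket.gethostbyname."""
    try:
        return FAKE_ZONE[name]
    except KeyError:
        raise socket.gaierror(-2, "Name or service not known")


if __name__ == "__main__":
    zones = ["computer.domain.org", "dead.example"]
    for ip in ("64.233.184.201", "192.0.2.1", "198.18.0.9"):
        print(ip, "->", dnsbl_lookup(ip, zones, resolve=fake_resolve))
```

The two things worth checking on a real server are in this script's two branches: that the name being queried is the reversed-octet form (compare it with what the DNS server's query log shows, which is how the poster later found that no query was being made at all), and that only 127.0.0.0/8 answers count as a listing.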
  4.

    I have added a second zone called ComputerName.DomainName with the same
    content as the first one.
    Changed the rbl entry in my smtp server to ComputerName.DomainName.

    I did a ping on ComputerName.DomainName and it looks ok.

    I did an nslookup 201.184.233.64.ComputerName.DomainName and I am able to
    get a reply. Name: 201.184.233.64.ComputerName.DomainName Address: 127.0.0.2

    However mails coming from 64.233.184.201 are still getting through...
  5.

    I did a little check with the DNS logs... no verification was ever done.

    Then I notice that the smtp services rbl reference says "Real Time Blocking
    List Domain Name".

    Maybe I should point the DNS client to the local DNS server, then forward
    the DNS server to the original DNS?


    "Jeremy Sun" <binmann@hotmail.com> wrote in message
    news:eqy$VIVSFHA.3420@TK2MSFTNGP14.phx.gbl...
    > I have added a second zone called ComputerName.DomainName with the same
    > content as the first one.
    > Changed the rbl entry in my smtp server to ComputerName.DomainName.
    >
    > I did a ping on ComputerName.DomainName and it looks ok.
    >
    > I did an nslookup 201.184.233.64.ComputerName.DomainName and I am able to
    > get a reply. Name: 201.184.233.64.ComputerName.DomainName Address:
    > 127.0.0.2
    >
    > However mails coming from 64.233.184.201 are still getting through...
  6.

    I have figured it out...

    I need a reboot to get it working... service restart just won't do...

    Anyway thanks for analyzing my process. That is a great help. I really
    appreciate it.

    Wish you a good day.

    Best Regards,
    Jeremy.


    > I did a little check with the DNS logs... no verification was ever done.
    >
    > Then I notice that the smtp services rbl reference says "Real Time Blocking
    > List Domain Name".
    >
    > Maybe I should point the DNS client to the local DNS server, then forward
    > the DNS server to the original DNS?
    >
    >
    > > I have added a second zone called ComputerName.DomainName with the same
    > > content as the first one.
    > > Changed the rbl entry in my smtp server to ComputerName.DomainName.
    > >
    > > I did a ping on ComputerName.DomainName and it looks ok.
    > >
    > > I did an nslookup 201.184.233.64.ComputerName.DomainName and I am able to
    > > get a reply. Name: 201.184.233.64.ComputerName.DomainName Address:
    > > 127.0.0.2
    > >
    > > However mails coming from 64.233.184.201 are still getting through...
  7.

    "Jeremy Sun" <binmann@hotmail.com> wrote in message
    news:OsSWhWWSFHA.3296@TK2MSFTNGP15.phx.gbl...
    > I have figured it out...
    >
    > I need a reboot to get it working... service restart just won't do...

    Not for DNS.

    I cannot comment on your SMTP since you never
    gave the software.

    But most SMTP does not require such reboots.

    Even starting/stopping the SMTP should not have
    been necessary.

    > Anyway thanks for analyzing my process. That is a great help. I really
    > appreciate it.

    It's working with REVERSED IPs names in the zone?
  8.

    > > Still not working after making changes.
    >
    > Then you have likely done something wrong
    > in the zone configuration (based on your first
    > message.)

    Unlikely. However I got to admit that I am quite lost on why that didn't
    work.

    > > I want to block some IP addresses. I figured having a semi-permanent IP
    > > blocking list is a better idea than our current "sender name" blocking list,
    > > which is going over 6000 items while many of them are simply spoofed names.
    >
    > If you want to block IP addresses, you can just do that
    > with a filter like IPSec and your SMTP server will never
    > even see the connect request.
    >
    > The main point of RBL is the "real time" -- it's that someone
    > is maintaining these lists on at least a day-to-day basis.

    I am not familiar with IPSec... except that it is commonly used with VPN,
    probably the next thing I am going to bump into.

    The good thing about RBL is that it is quite 'dummy friendly' which means
    that I can pass it on to somebody once it is up and running smoothly.

    > > A good point. Actually I changed the zone name to the computer name (say,
    > > let it be "ComputerName" for later reference)
    >
    > Probably not a great name choice either.
    > Did you name it "computer" (single tag) or "computer.domain.com"?

    computer.domain.org

    > Does the computer and especially the SMTP server use
    > this same machine for its DNS server?

    yes

    > > and made sure that when I
    > > nslookup, say, IPd.IPc.IPb.IPa.ComputerName,
    >
    > Why are you doing d->a, instead of a-d?
    >
    > This is NOT a reverse zone.
    >
    > Only reverse zones reverse the octets (for delegation
    > reasons.)

    I believed that this is how the request is sent to the rbl by an smtp server. I
    was simulating the smtp action.

    > Some SMTP servers have a configuration for DNS
    > separate from the machine on which they run; check
    > to make sure your SMTP server is using the same
    > DNS as the NSLookup command is using.
    >
    > > I have a good reply from the
    > > smtp server. I have added a computerName.local zone.
    >
    > Then you would have to put the names (IPs) in there
    > and tell the SMTP server to use "computername.local"
    > as its RBL.
    >
    > If the zone is named "something.whatever" you tell
    > the SMTP server precisely that.

    I did. It didn't work, I believe, for the same reasons the original
    zone didn't work, whatever the reason is.

    > > However, when I tried to
    > > ping computerName.local I got an unknown-computer reply.
    >
    > There would need to be an A record for that
    > name in order to ping it (or a CNAME pointing
    > to an A-record with an IP.)

    :P me bad.

    > > I guess it is
    > > something to do with the difference between Windows and Unix/Linux.
    >
    > No, for the most part DNS is DNS.
    >
    > (They have some different special features on the
    > two OSes, but the basic functionality and the concepts
    > are the same.)

    OK.

    > So far, I haven't asked you which you are using since
    > it didn't matter to the answers I am giving you.
    >
    > You don't seem to have some misconceptions
    > about zones and formatting the correct records
    > in those zone.

    I guess I am ok with the DNS concept... just don't give me a closed-book
    exam.

    > Well, your note indicated that you couldn't create
    > the zone but #6 says everything looks good.

    I have no idea why the zone computer.domain.org does not work. I set up
    computer.local just to pass the time trying to figure out why I did not get
    it right the first time... and missed the reverse entry altogether. :P

    However, I got the ping and I got the lookup from my computer.domain.org
    zone. So it looks good.

    I think I have to change the habit of skipping steps when I describe a
    problem.

    > > Just did that. I put in "ComputerName".
    >
    > So you have a zone, the SMTP server can use "its" DNS
    > server (which may not be the same one) to find this zone.

    yes

    > The zone is listed in the SMTP server.

    yes

    > The zone contains A records with numbers like 127.0.0.1 etc.
    > (there are conventions for different values 1, 2, 3, etc.)

    yes

    > Those A records are the regular IP prefixed onto the zone
    > name.

    well, not regular. From what I know, rbl looks up names which LOOK like
    reverse IPs. That is why the records go to the forward zone.

    for example, if I want to block gmail (64.233.184.1-254, something like
    that)

    I need an entry

    *.184.233.64.computer.domain.org IN A 127.0.0.2 (Bind)

    or

    *.184.233.64 A 127.0.0.2 (Windows 2000 DNS) in the zone file of
    computer.domain.org

    then when you nslookup 201.184.233.64.computer.domain.org you should get a
    reply. When the smtp checks the rbl and receives a reply, it dumps the mail.

    > But you may have a separate DNS setting for the
    > SMTP server (some do for efficiency.)

    A good point. I can always make the changes later.

    ..
    ..
    ..

    > > > > 2) Did I do something wrong in Part 1?
    > > >
    > > > Probably not other than choosing a poor zone name
    > > > which may lead to misunderstandings AND the actual
    > > > error in part 2.
    > >
    > > Mmmmm... Now I got that fixed and something is still going wrong.
    >
    > I think you reversed the IP -- probably thinking of
    > reverse zones.

    No. As I have said in my other replies, I rebooted and it works.

    I was wondering, maybe it has something to do with caching? Maybe it is
    the SMTP service?

    That is the result of being not familiar with the theory. When things go
    wrong you don't have a clue.

    > > I am already doing constant work on it... updating sender blocking list,
    > > man...
    >
    > IPSec can block more effectively if you don't
    > wish to receive ANY (SMTP) traffic from them.
    >
    > Why more effective? Your SMTP server will never
    > get the connection.
    >
    > Your IPSec software will reject (actually IGNORE it)
    > immediately.

    Mmmmm. OK. I got IPSec on my list. The next thing (after this, after that)
    to look into.

    You sure that IPSec is a good idea on Windows 2000? I took a look at the
    built-in support of IPSec and I did not find anything exciting.

    > > Some IPs definitely need to be blocked. You know, these spammers coming
    > > from China are just crazy, but I can't simply block the whole damn thing.
    >
    > Right. IPSec can block on single IPs or class size ranges.

    How? On Windows 2000.

    > > I will summarise my information below:
    > >
    > > 1) Windows 2000 standalone server with latest everything hot-fixed
    > > 2) the same server has an SMTP service with built-in spam detection / support
    > > such as sender name blocking and rbl support
    > > 3) using another DNS on the network, before and after the rbl is setup.
    >
    > What does the above mean? "using Another DNS"?
    >
    > You have to use the one with the RBL list OR the one
    > you use must be able to FIND the DNS server with that
    > RBL zone.

    typo. "Was" using another DNS.

    > > 4) I have a this new rbl / dns setup in the same server.
    >
    > Ok, then you have your machine OR SMTP server itself
    > pointed strictly at the "same server" for DNS.

    yes

    > > 5) rbl / dns zone name "ComputerName"
    > > 6) smtp rbl settings point to "ComputerName"
    > > 7) not working

    > > I have figured it out...
    > >
    > > I need a reboot to get it working... service restart just won't do...
    >
    > Not for DNS.
    >
    > I cannot comment on your SMTP since you never
    > gave the software.
    >
    > But most SMTP does not require such reboots.
    >
    > Even starting/stopping the SMTP should not have
    > been necessary.

    Agree. I didn't recall rebooting when I set up my smtp server using public
    rbl lists... a year ago.

    > > Anyway thanks for analyzing my process. That is a great help. I really
    > > appreciate it.
    >
    > It's working with REVERSED IPs names in the zone?

    It is. I think it is just the rbl way of naming the IPs. I don't remember
    where I got that.

    So the name the smtp sent for rbl would be 4.3.2.1.rblzonename.rbldomainname
    for IP 1.2.3.4
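The record layout this last post describes (a "*.184.233.64 A 127.0.0.2" record in the forward zone, queried as 201.184.233.64.computer.domain.org), as an added example that is not code from the thread or from blackholes.us. It expands a block list of addresses and CIDR prefixes into those owner names, writes them either in the relative form the poster used in the Windows 2000 DNS zone file or as BIND-style fully qualified names, and simulates the server's answer, including the DNS wildcard rule (RFC 4592) under which an explicit record beneath a wildcard stops that wildcard from matching the record's siblings. The zone name computer.domain.org is the poster's; the block list is constructed sample input, and 64.233.184.0/24 appears only because the poster used it as a test range, not as a statement about any provider's addresses.

```python
"""Build the DNSBL zone the thread creates by hand and simulate its lookups.

Added example; not code from the thread or from blackholes.us. From the
thread: the zone name computer.domain.org, the record form
"*.184.233.64 A 127.0.0.2" and the 127.0.0.2 answer. Constructed here: the
sample block list (64.233.184.0/24 only because the poster used it as a test
range; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
"""
import ipaddress

LISTED = "127.0.0.2"


def _owner(net):
    """Owner name relative to the zone for an octet-aligned prefix:
    /32 -> d.c.b.a, /24 -> *.c.b.a, /16 -> *.b.a, /8 -> *.a"""
    octets = str(net.network_address).split(".")
    if net.prefixlen == 32:
        return ".".join(reversed(octets))
    return "*." + ".".join(reversed(octets[: net.prefixlen // 8]))


def _covered(owner, owners):
    """True if a broader wildcard in owners already lists everything under owner."""
    labels = owner.split(".")
    if labels[0] == "*":
        labels = labels[1:]
    return any("*." + ".".join(labels[i:]) in owners for i in range(1, len(labels)))


def owner_names(entries):
    """Expand IPs and CIDR prefixes into zone owner names.

    Prefixes that do not end on an octet boundary are split up to the next
    one (a /23 becomes two /24 wildcards). Names already covered by a broader
    wildcard are dropped, and not just to save space: an explicit name below
    a wildcard makes its parent nodes exist, and DNS then no longer applies
    the broader wildcard to that name's siblings (RFC 4592 closest encloser),
    so the "redundant" record would punch a hole in the block.
    """
    owners = set()
    for entry in entries:
        net = ipaddress.IPv4Network(entry, strict=False)
        if net.prefixlen == 0:
            raise ValueError("refusing to wildcard the whole zone: " + entry)
        aligned = -(-net.prefixlen // 8) * 8  # round up to a multiple of 8
        subs = [net] if aligned == net.prefixlen else net.subnets(new_prefix=aligned)
        owners.update(_owner(sub) for sub in subs)
    return {o for o in owners if not _covered(o, owners)}


def format_records(owners, zone="computer.domain.org", style="win2k"):
    """Zone-file lines: relative owner names as in the poster's Windows 2000
    DNS zone file, or fully qualified BIND-style names."""
    lines = []
    for owner in sorted(owners):
        if style == "bind":
            lines.append(f"{owner}.{zone.strip('.')}. IN A {LISTED}")
        else:
            lines.append(f"{owner} A {LISTED}")
    return lines


def lookup(ip, owners):
    """Simulate the server's answer for one connecting IP: exact name first,
    else the wildcard directly under the closest existing node, else NXDOMAIN
    (None)."""
    labels = str(ipaddress.IPv4Address(ip)).split(".")[::-1]
    if ".".join(labels) in owners:
        return LISTED
    nodes = set()  # every name that exists in the zone tree
    for owner in owners:
        parts = owner.split(".")
        parts = parts[1:] if parts[0] == "*" else parts
        nodes.update(".".join(parts[i:]) for i in range(len(parts)))
    for i in range(1, 4):  # c.b.a, then b.a, then a
        suffix = ".".join(labels[i:])
        if suffix in nodes:
            return LISTED if "*." + suffix in owners else None
    return None


if __name__ == "__main__":
    block_list = ["64.233.184.0/24", "198.51.100.7", "203.0.0.0/8", "203.0.113.5"]
    owners = owner_names(block_list)
    print("\n".join(format_records(owners)))
    for ip in ("64.233.184.201", "64.233.185.1", "203.0.113.9"):
        print(ip, "->", lookup(ip, owners))
```

After pasting the generated lines into the zone, the check that matters is the same one the poster did: nslookup a name inside each range and one just outside it against the server the SMTP software actually uses, and confirm the 127.0.0.2 answer for the first and NXDOMAIN for the second.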