Docker-mailserver: Logs & daily report contain lots of "warning: dnsblog_query: lookup error for DNS query"

Created on 11 Apr 2018  路  4Comments  路  Source: tomav/docker-mailserver

I am new to using postscreen with DNS blacklists, I never configured them before, so maybe this is a misunderstanding on my part. To my understanding, a host is on the blacklist, if the DNS query returns a positive response.

I now see a lot of entries similar like this in the log files, and they are also reported in the daily summary e-mail as warnings:

Apr 11 09:20:26 mail postfix/dnsblog[11746]: warning: dnsblog_query: lookup error for DNS query 165.144.196.217.list.dnswl.org: Host or domain name not found
. Name service error for name=165.144.196.217.list.dnswl.org type=A: Host not found, try again

To my understanding, this indicates that the IP is not on the blacklist.

Context

Default configuration on v5.8.1

Expected Behavior

The line above should not be added to the log, and not included in the daily summary e-mail.

Actual Behavior

It is logged and as it is a warning, also reported in the daily summary e-mail.

bug help wanted postfix / dovecot related
Source
picture capi

Most helpful comment

I can confirm that with my own DNS server this is working as it should. So this is a host/DNS server configuration issue and not related to docker-mailserver. On the contrary, it is _good_ that these lines are logged, since they show that DNS configuration is not working as intended.

I will therefore close this issue. Thanks for the help!

picture capi on 12 Apr 2018
👍2

All 4 comments

If you're using Google's public DNS servers (or several other public DNS servers) they don't allow querying of DNSBL. You can use the new Cloudflare DNS 1.1.1.1 or 1.0.0.1

I started working on a companion container that would run Unbound but since Cloudflare released their DNS servers, I gave up.

You can add the following to your docker-compose.yml to fix this:

services:
  mail:
    image: ...
    ...
    dns: 1.1.1.1
crazystick picture crazystick on 12 Apr 2018
👍2

http://postfix.1071664.n5.nabble.com/dnsblog-lookup-error-questions-td52034.html

I got the same errors. Not sure what public DNS my mailserver is using at the moment. Will have a look at it later and will report :)

akmet picture akmet on 12 Apr 2018

Thank you. The docker host below was actually using 8.8.8.8. I updated this to my hosting provider's DNS servers (up until I checked I was quite sure I was using those). Will report back, if this fixes the issue.

EDIT: Fun stuff: my hosting provider doesn't allow them as well, will be querying my own DNS from now on.

capi picture capi on 12 Apr 2018

I can confirm that with my own DNS server this is working as it should. So this is a host/DNS server configuration issue and not related to docker-mailserver. On the contrary, it is _good_ that these lines are logged, since they show that DNS configuration is not working as intended.

I will therefore close this issue. Thanks for the help!

capi picture capi on 12 Apr 2018
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Dubbeldrank picture Dubbeldrank  路  4Comments
Hamsterman picture Hamsterman  路  3Comments
42wim picture 42wim  路  4Comments
nicklayb picture nicklayb  路  4Comments
phish108 picture phish108  路  5Comments