Strange lookups under dns
Barry Margolin
barmar at alum.mit.edu
Wed Dec 15 23:00:40 UTC 2004
In article <cppvb9$29ck$1 at sf1.isc.org>,
adrdsjd at talk21.com (Alasdair Dougall) wrote:
> Hi
>
> Can anyone shed light on the following messages I am getting in
> messages log.
>
> It seems to be related to my spamassassin stuff, but not sure.
DNS is often used this way to distribute blacklist information. It's
looking up the IP of the connecting SMTP server to see if it's in the
spamhaus.org or bondedsender.org lists.
>
> Thanks in advance,
>
> Alasdair Dougall
>
> Dec 15 06:41:26 wpc1365 named[4357]: client 127.0.0.1#32986: query:
> 37.7.229.150.sbl-xbl.spamhaus.org IN A
> Dec 15 06:41:26 wpc1365 named[4357]: client 127.0.0.1#32987: query:
> 66.3.83.152.sbl-xbl.spamhaus.org IN A
> Dec 15 06:41:26 wpc1365 named[4357]: client 127.0.0.1#32988: query:
> 167.13.83.152.sbl-xbl.spamhaus.org IN A
> Dec 15 06:41:26 wpc1365 named[4357]: client 127.0.0.1#32989: query:
> 37.7.229.150.sa-other.bondedsender.org IN TXT
> Dec 15 06:41:26 wpc1365 named[4357]: client 127.0.0.1#32990: query:
> 66.3.83.152.sa-other.bondedsender.org IN TXT
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list