RBLs queries in sequence?

Simulcast · Post by **Simulcast** » Tue Dec 27, 2011 1:11 am

Hi,
I'm getting reports from the "by server" version of the postfix mail stats script here PostConf | Spam Reports nightly via cron, and they detail the percentage of mail blocked by each RBL configured. (Nice script, btw.)
It very much seems that with the zen, barracuda, and spamcop RBLs, whichever one I list first blocks the majority of the total RBL-blocked spam.
To me this suggests Postfix actually queries the first RBL then moves to the others in sequence until a positive is returned, rather than querying all RBLs simultaneously as sometimes seems to be suggested. (Ie: "You'll get one DNS query per list you configure for each message checked.")
Perhaps slightly academic as I don't want/need more RBLs, but does anyone have better evidence either way? (Or, said another way, how do I log all the DNS lookups on my CentOS box

All best.

phoenix · Post by **phoenix** » Tue Dec 27, 2011 1:22 am

[quote user="Simulcast"]To me this suggests Postfix actually queries the first RBL then moves to the others in sequence until a positive is returned,[/QUOTE]That's exactly what it does and your RBL list should be in descending order of effectiveness.
[quote user="Simulcast"]... rather than querying all RBLs simultaneously as sometimes seems to be suggested. (Ie: "You'll get one DNS query per list you configure for each message checked.")[/QUOTE]It wouldn't make sense to do that, it's wasteful of resources and it makes more sense to have three (possibly five maximum) RBLs and query those in order.
[quote user="Simulcast"]TPerhaps slightly academic as I don't want/need more RBLs, but does anyone have better evidence either way? (Or, said another way, how do I log all the DNS lookups on my CentOS box

[/QUOTE]Fairly easy, if you're using BIND: +"how to" +"log dns queries" - Yahoo! Search Results I'd suggest you not do that as you're most likely to get horrendously large files from that.

Simulcast · Post by **Simulcast** » Tue Dec 27, 2011 6:46 pm

Thanks for the confirmation re: RBL checks in sequence, Bill.
Alas, I'm not using bind and Google (not Yahoo!

failed me! Off topic so will research elsewhere.
All best!