Technorail (Aruba) DNS servers block queries to Spamhaus

Printer-friendly version

Recently my mail server started to deliver an increased spam volume. Inspecting the logs I found Spamhaus blacklist was no longer effective. After some tests, it turned out that the DNS used by my (virtual) server at Aruba non longer resolved Spamhaus queries correctly:

>nslookup
> server dns2.technorail.com
Default Server:  dns2.technorail.com
Address:  62.149.132.2

> 119.5.107.41.pbl.spamhaus.org
Server:  dns2.technorail.com
Address:  62.149.132.2

*** dns2.technorail.com can't find 119.5.107.41.pbl.spamhaus.org: Non-existent domain

Now switch to my router address, which forward DNS queries to my ISP DNS (Telecom Italia):

> server 192.168.200.254
Default Server:  [192.168.200.254]
Address:  192.168.200.254

> 119.5.107.41.pbl.spamhaus.org
Server:  [192.168.200.254]
Address:  192.168.200.254

Non-authoritative answer:
Name:    119.5.107.41.pbl.spamhaus.org
Address:  127.0.0.11

For some reason Technorail, the DNS used by Aruba, does not forward queries to Spamhaus and always returns a NXDOMAIN return code, thereby allowing all spam in. Don't know if this is a new "feature" to sell their antispam service, or just a DNS issue. By now I resolved using different DNS servers. I opened a ticket with their helpdesk, let's see what's the answer.

Update: Aruba helpdesk answered that being technorail.com DNSes public, they are (now) configured not to forward queries to Spamhaus. Spamhaus itself recommends that, and ask to use your own DNSes to query its database.