Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » New shoot self in foot error
  •  
pcunix

Messages: 594
Karma: 33
Send a private message to this user
Yesterday one of my customers called saying that no mail was coming in and asking "Are we on a blacklist?". I had to explain dNS blacklists to them first and then I asked "What have you changed?"

Of course the immediate answer was "Nothing" (isn't it always?).

However, when I logged into their admin, the Security log was full of DNS blacklist rejections. Upon checking the blacklists tabs, I found that they had added 3 new "blacklists" which were not DNSBL's at all - just domain names they wanted to block!

This is certainly an unusual mistake but this client was led astray by the close proximity of the Custom Blacklist section just above. Before you say the obvious, yes, this was their so called "tech guy". Yeah, I know..

While marveling at his ignorance, and wishing that he'd RTFM, perhaps something could be added here that might warn off someone on the same path?

Tony Lawrence
Kerio Preferred Partner and Reseller
Certified for Connect, Control
http://aplawrence.com
  •  
freakinvibe

Messages: 1542
Karma: 62
Send a private message to this user
This is strange. Kerio Connect does only block a message when it gets the answer 127.0.x.x back from the DNSBL. If you wrongly put a normal domain as DNSBL (e.g. yahoo.com), it should give no answer to the query a.b.c.d.yahoo.com.

If KC gets no answer on a DNSBL query, it lets the message through. This is very helpful because if a DNSBL gets shut down or is temporarily not reachable, the messages will not be rejected.

So I wonder why the messages were rejected as you should get no answers from non-DNSBL domains.

Dexion AG - The Blackberry Specialists in Switzerland
https://dexionag.ch
  •  
pcunix

Messages: 594
Karma: 33
Send a private message to this user
Depends upon the configuration.

You are correct that a.b.c.d.yahoo.com is not found, but a.b.c.d.aplawrence.com (for example) is accepted.

Tony Lawrence
Kerio Preferred Partner and Reseller
Certified for Connect, Control
http://aplawrence.com
  •  
freakinvibe

Messages: 1542
Karma: 62
Send a private message to this user
But then you have wildcard DNS enabled. Maybe one of the domains they entered had it also enabled.

Quote:
Of course the immediate answer was "Nothing" (isn't it always?).


That's why I like the Config log. I can see exactly what was changed when.

[Updated on: Thu, 14 June 2012 16:48]


Dexion AG - The Blackberry Specialists in Switzerland
https://dexionag.ch
  •  
pcunix

Messages: 594
Karma: 33
Send a private message to this user
Yes, exactly. I use wild card dns and apparently so did at least one of the sites he added.

I didn't get to the config logs.. I spotted it before I got that far..

But, yeah, I've had trouble with this guy before. Last time he "helped" somebody there screw up their new iPhone.. He's an outside tech for this company and I have told the company several times that they should just call me for the Kerio stuff as it would cost them nothing, but they keeping paying him to screw things up Smile

Tony Lawrence
Kerio Preferred Partner and Reseller
Certified for Connect, Control
http://aplawrence.com
Previous Topic: Private events not private for invited user
Next Topic: Mac CardDAV Problem
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Oct 21 10:30:57 CEST 2017

Total time taken to generate the page: 0.00451 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.