[Dshield] DNSRBL

Stephane Grobety security at admin.fulgan.com
Tue Feb 10 13:28:42 GMT 2004


GH> i've noticed that DNSRBL (http://www.dnsrbl.com) started listing
GH> 127.0.0.1 on either of their blacklists. could anyone tell me a good
GH> reason why they do?

Hum... If we decide not to consider incompetence or error, then it
might be a way to prevent accidental CGI form mail exploit.

GH> (this lead to all mail that my machine received thru fetchmail being
GH> discarded which got me a little pissed off as you can imagine...)

Add 127.0.0.1 to your whitelist and it will be fixed. Adding all local
IPs (including loopback) to the whitelist is a good move anyway: it
won't decrease the system's security except if you have very special
setup and it will improve on performances since local relays won't
yield a DNS lookup.

Good luck,
Stephane




More information about the list mailing list