ExtMail Server Community's Archiver

herobei posted on 2008-12-2 15:28

A case of slockd misjudgment caused by DNS hijacking

[554 blocked using cblless.anti-spam.org.cn, see [url]http://bl.extmail.org/cgi/rbl?222.66.165.139[/url] ,from=<[email]eva.pan@dulwich-shanghai.cn[/email]> to=<×××@×××。cn> helo=<dcsmailfe.dewei.local> client=<222.66.165.139>]


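The strange thing is that when I looked up the address 222.66.165.139 at [url]www.anti-spam.org.cn[/url], I found that this IP is not on the blacklist! Could the boss take a look at what the problem is?

herobei posted on 2008-12-2 16:04

It seems to be solved. The DNS server being queried was hijacked. Using a DNS server I set up myself fixed it. Details: [url]http://www.anti-spam.org.cn/AID/796[/url]

herobei posted on 2008-12-2 16:11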

[root@mail log]# [b][color=darkred]dig 139.165.66.222.cblless.anti-spam.org.cn @localhost[/color][/b]

; <<>> DiG 9.2.4 <<>> 139.165.66.222.cblless.anti-spam.org.cn @localhost
; (1 server found)
;; global options:  printcmd
;; Got answer:
[color=darkred][b];; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36479[/b]
[/color];; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.165.66.222.cblless.anti-spam.org.cn. IN A

;; AUTHORITY SECTION:
cblless.anti-spam.org.cn. 2726  IN      SOA     cblless.anti-spam.org.cn. wxy.anti-spam.org.cn. 2008120206 14400 3600 14400 3600

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec  2 16:06:54 2008
;; MSG SIZE  rcvd: 97
[color=green][b]The hijacked one, which used the DNS provided by the Netcom service provider[/b][/color]

[b] dig 139.165.66.222.cblless.anti-spam.org.cn @10.0.0.1[/b]
; <<>> DiG 9.2.4 <<>> 139.165.66.222.cblless.anti-spam.org.cn @10.0.0.1
; (1 server found)
;; global options:  printcmd
;; Got answer:
[b];; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16298
[/b];; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.165.66.222.cblless.anti-spam.org.cn. IN A
;; ANSWER SECTION:
[b]139.165.66.222.cblless.anti-spam.org.cn. 3600 IN A 220.250.64.21[/b]
;; AUTHORITY SECTION:
cblless.anti-spam.org.cn. 3583  IN      SOA     cblless.anti-spam.org.cn. wxy.anti-spam.org.cn. 2008120206 14400 3600 14400 3600
;; Query time: 6 msec
;; SERVER: 10.0.0.1#53(10.0.0.1)
;; WHEN: Tue Dec  2 16:09:07 2008
;; MSG SIZE  rcvd: 113


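Hope this is useful to everyone! I despise China's ISP service providers even more now, and I hope their sons are born without assholes!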
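
The check that separates the two dig replies above, as an added example that is not part of the original thread: a DNSBL lookup should end in NXDOMAIN (not listed) or in an A record inside 127.0.0.0/8 (listed), so any other address means the resolver rewrote the reply. It assumes this zone follows the usual 127.0.0.0/8 convention for listings; the function names are hypothetical and the sample replies are condensed from the posts with the forum markup removed.

```python
import ipaddress
import re

ZONE = "cblless.anti-spam.org.cn"                # DNSBL zone named in the thread
DNSBL_NET = ipaddress.ip_network("127.0.0.0/8")  # assumed range for genuine listings

def dnsbl_qname(ip, zone=ZONE):
    """Build the standard DNSBL query name: reversed IPv4 octets + zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def classify(dig_text, qname):
    """Return (verdict, answers) for one dig reply to a DNSBL A query."""
    m = re.search(r"status:\s*([A-Z]+)", dig_text)
    status = m.group(1) if m else "UNKNOWN"
    # Answer lines look like "<qname>. <ttl> IN A <addr>"; the question
    # line starts with ";" and carries no TTL, so it never matches.
    pat = re.compile(r"^%s\.\s+\d+\s+IN\s+A\s+(\S+)\s*$" % re.escape(qname), re.M)
    answers = pat.findall(dig_text)
    if status not in ("NOERROR", "NXDOMAIN"):
        return "error", answers        # SERVFAIL etc.: no verdict, do not block
    if not answers:
        return "not_listed", answers   # NXDOMAIN or empty answer section
    if all(ipaddress.ip_address(a) in DNSBL_NET for a in answers):
        return "listed", answers       # genuine DNSBL return code
    return "tampered", answers         # answer outside 127/8: rewritten reply

# Condensed from the two dig outputs in the thread (forum markup removed).
LOCAL_REPLY = """;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36479
;; QUESTION SECTION:
;139.165.66.222.cblless.anti-spam.org.cn. IN A
"""
ISP_REPLY = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16298
;; QUESTION SECTION:
;139.165.66.222.cblless.anti-spam.org.cn. IN A
;; ANSWER SECTION:
139.165.66.222.cblless.anti-spam.org.cn. 3600 IN A 220.250.64.21
"""

if __name__ == "__main__":
    q = dnsbl_qname("222.66.165.139")
    for label, reply in (("localhost", LOCAL_REPLY), ("10.0.0.1", ISP_REPLY)):
        print(label, classify(reply, q))
```

A mail filter that treats any A record as a listing blocks on the second reply; requiring the answer to fall inside 127.0.0.0/8 turns that case into a resolver alert instead of a 554.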

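hzqbbc posted on 2008-12-2 17:49

Most problems like this are caused by hijacking. Sigh, it's very frustrating.

macafee posted on 2008-12-4 12:32

Nothing can be done about it; CNC even hijacks the DNS used by its own IDC! Absolute garbage!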
