[Pdns-users] Could not retrieve security status update / spamhaus.org unable to query

Sophie Loewenthal sophie at klunky.co.uk
Thu Dec 28 23:02:13 UTC 2017 

Hi everyone,


I had this message in my logs in a new installation with a new VPS provider, and wonder if this is them or pdns_resolver blocking,

Dec 28 22:42:11 mx10 pdns_recursor[7093]: Could not retrieve security status update for '4.0.4-1+deb9u3.Debian' on 'recursor-4.0.4-1_deb9u3.Debian.security-status.secpoll.powerdns.com', RCODE = Non-Existent domain

So, I ran this ( Someone posted this line last year on the mailing list),

# for x in 1 2; do echo "pdns-public-ns${x}.powerdns.com"; dig +short @pdns-public-ns$x.powerdns.com auth-3.4.7.security-status.secpoll.powerdns.com IN TXT; done 
pdns-public-ns1.powerdns.com
"3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2016-01/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ https://doc.powerdns.com/3/security/powerdns-ad" "visory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/"
pdns-public-ns2.powerdns.com
"3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2016-01/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ https://doc.powerdns.com/3/security/powerdns-ad" "visory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/"


Also, I noticed that spamhaus.org was not resolving, which was quite strange. All other queries to RNSBLs work e.g spamcop.
Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 102.77.50.178.xbl.spamhaus.org: timeout resolving after 2503.31msec
Dec 28 21:04:38 10 pdns_recursor[2667]: [1225] 102.77.50.178.xbl.spamhaus.org: Trying IP 178.209.52.139:53, asking '102.77.50.178.xbl.spamhaus.org|AAAA'
Dec 28 21:04:38 10 pdns_recursor[2667]: 1 [1225/2] answer to question '102.77.50.178.xbl.spamhaus.org|AAAA': 0 answers, 0 additional, took 4 packets, 7515.07 ms, 2 throttled, 3 timeouts, 0 tcp connections, rcode=2

  
The VPS provider tells me the problem is my install of pdns_resolver.  

Running : pdns-recursor 4.0.4-1+deb9u3  / 
# uname -a
Linux 10 4.9.0-4-amd64 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) x86_64 GNU/Linux


I might have more than one problem...

Regards, So

More information about the Pdns-users mailing list