0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
Do I have to change something on my end (debian 12.4) so the query won’t be blocked anymore?
Thanks
Pkte Regelname Beschreibung
---- ---------------------- --------------------------------------------------
-5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at https://www.dnswl.org/, high
trust
[194.53.54.16 listed in list.dnswl.org]
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URI: dikav.yachts]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.0 SPF_PASS SPF: Senderechner entspricht SPF-Datensatz
0.2 BAYES_999 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 99.9-100%
[score: 1.0000]
3.5 BAYES_99 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 99-100%
[score: 1.0000]
0.0 HTML_MESSAGE BODY: Nachricht enthlt HTML
0.0 T_TVD_MIME_EPI BODY: No description available.
0.0 HTML_IMAGE_ONLY_32 BODY: HTML: images with 2800-3200 bytes of words
0.0 DMARC_MISSING Missing DMARC policy
/etc/unbound/unbound.conf:
Edit the unbound.conf to something like this:
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
server:
# the working directory.
directory: "/etc/unbound"
# If no logfile is specified, syslog is used
# logfile: "/var/log/unbound/unbound.log"
# run as the unbound user
username: unbound
# verbosity: 2 # uncomment and increase to get more logging.
# listen on all interfaces, answer queries from the local subnet.
interface: 0.0.0.0
# comment out the following line if your system doesn't have IPv6.
# interface: ::0
# disable IPv6
do-ip6: no
# perform prefetching of almost expired DNS cache entries.
prefetch: yes
access-control: 127.0.0.1/24 allow
# hide server info from clients
hide-identity: yes
hide-version: yes
remote-control:
# Enable remote control with unbound-control(8) here.
control-enable: no
# what interfaces are listened to for remote control.
# give 0.0.0.0 and ::0 to listen to all interfaces.
# set to an absolute path to use a unix local name pipe, certificates
# are not used for that, so key and cert files need not be present.
control-interface: 127.0.0.1
# control-interface: ::1
# port number for remote control operations.
control-port: 8953
Restart unbound systemctl restart unbound or do a server reboot.
If you already installed bind9 with Hestia, there is no need to remove it and install unbound, you can just use bind9 as your dns resolver. Also, if you remove bind9 you won’t be able to add dns records to your domains (don’t know whether you are using it for this purpose).
Yes you should modify that file with that conf but keep in mind that it could be overwritten by your system if you are using systemd-resolved… so you should do more steps to change the nameserver to be used. Take a look to this post: Not receiving emails in roundcube - #16 by sahsanu
If you prefer to install unbound and you will use bind9 too, you can configure unbound to listen on address 127.0.0.2 and add nameserver 127.0.0.2 to your resolv.conf file so there isn’t need to remove bind9. You should add this directive listen-on port 53 { 127.0.0.1/32; }; to /etc/bind/named.conf.options so bind will listen only on 127.0.0.1.
If you are not serving DNS records for your domains from Hestia then there is no need to keep bind installed. Just in case, instead of removing it, just disable and stop the service and if all works as expected then remove it.
