KB - "SERVFAIL, RCODE 2" DNS lookup error logged for certain SURBL tests

Affected SURBLs

• AB-SURBL SURBL: AbuseButler web sites (ab.surbl.org)
• OB-SURBL SURBL: OutBlaze URI blacklist (ob.surbl.org)
• SC-SURBL SURBL: SpamCop web sites (sc.surbl.org)
• WS-SURBL SURBL: sa-blacklist websites (ws.surbl.org)

Symptoms

The SURBL Test returns excessive amounts of DNS lookup errors in the ORF logs:

DNS error. Test: "SURBL: SC-SURBL", server: "serveraddress", domain: "domainname", record type: A, protocol: UDP. Server response: DNS server or domain failure (SERVFAIL, RCODE 2).

Causes

You may receive this error message if any of the above listed individual SURBLs are enabled on the SURBL Test page. The individual lists have been combined into a single list and their use is deprecated in favor of MULTI-SURBL SURBL: Combined SURBL list (multi.surbl.org).

Solution

We recommend deleting the obsolete blacklists to avoid further issues:

1. Start the ORF Administration Tool
2. Navigate to the Blacklists / SURBL Test page
3. Select the obsolete SURBLs
4. Click the Delete button and click Yes
5. Save your configuration to apply the changes by pressing Ctrl + S. (In ORF 4.2 and older versions, the ORF Service needs to be restarted to pick up the changes, so press Ctrl + U instead: this saves the configuration and restarts the service in a single step).

Notes

To have ORF configured in the most efficient way possible, please consult our Best Practices Guide. Make sure your current DNS Blacklist and SURBL definitions are up to date, and that you have the recommended blacklists enabled.