Google DNS breaks dnsbl

[restamp]

It appears TekTonic has been pointing their client's DNS to Google's Open DNS nameservers in their /etc/resolv.conf files. ("nameserver 8.8.8.8" and "nameserver 8.8.4.4".) I don't know when this transition occurred, and I override the default resolv.conf (or thought I did) in my /etc/rc.local anyway. However, when I upgraded my VMs to CentOS 5.6, I soon noticed an increase in spam getting through. Investigation revealed that the dnsbl entries in my MTA (sendmail) were no longer working.

Further hair pulling and gnashing of teeth proved that (1) Google doesn't support dnsbl queries correctly in its nameservers (see http://www.spamhaus.org/faq/answers....BL%20Usage#261 ) and (2) either CentOS 5.6 or the sendmail it provides does not support changes to the resolv.conf file after the sendmail process has been invoked on boot. I had to cobble together a special /etc/init.d script to rewrite resolv.conf to my satisfaction prior to invoking the sendmail start script.

Beware of this gotcha if you are using CentOS, sendmail, and dnsbls.

YMMV.

[matta]

It seems you have a solution, but for upgrade reasons you can contact support and they can set a flag to not overwrite resolv.conf on boot.