$ host -tTXT 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com descriptive text "127.0.0.1 -> Query Refused. See https://uribl.com/refused.shtml for more information [Your DNS IP: 1.2.3.4]"
c:\> nslookup -q=txt 2.0.0.127.multi.uribl.com 2.0.0.127.multi.uribl.com text = "127.0.0.1 -> Query Refused. See https://uribl.com/refused.shtml for more information [Your DNS IP: 1.2.3.4]"
If an email you sent bounced, and included a link to this page, then it was rejected because the receiver has not implemented URIBL lookups correctly. URIBL uses bitmask responses to indicate a domain being listed. Our Implementation guidelines provide the bitmask responses. All queries that we refuse, we return a 127.0.0.1 response to, as bit 0x1 is not used for domain classification. SpamAssassin supports the 0x1 bitmask response, and provides a URIBL_BLOCKED rule which will fire if the query was refused by URIBL.
If you send a query to "black.uribl.com" and we deliver a 127.0.0.1 response back to that query, that is not a positive listing. Only 127.0.0.2 responses indicate a listing on black.uribl.com. Really you should be using multi.uribl.com for resolution, and doing proper bitmask checking. If your software does not support bitmask checking of the 4th octet, contact your software vendor, or stop using URIBL completely.
If you are low volume user, you have a few options. Possibly changing your nameservers from a public dns provider (ie opendns/google) to your local ISP may solve it. If your local ISP is also effected because they are very large (ie cox/att/comcast/etc), you may need to use your own recursive DNS solution. If your company has DNS servers, point to them for resolution. Alternatively, you could setup a caching nameserver on the loopback of the machine doing the spam checking, and point the DNS to localhost.
If you use Spamassassin to scan your email, you can reduce query volume by applying uri skip lists. For example, you could skip sending queries for commonly seen domains that will not be blacklisted, such as
uridnsbl_skip_domain googleapis.com goo.gl googlegroups.com docs.google.com uridnsbl_skip_domain youtu.be linkedin.com fbcdn.net licdn.com twimg.com redbox.com uridnsbl_skip_domain amazon.ca amazonses.com amazonaws.com ssl-images-amazon.com images-amazon.com media-amazon.com uridnsbl_skip_domain instagram.com pinterest.com pinimg.com facebookmail.com yahoodns.net tumblr.com uridnsbl_skip_domain groupon.com grouponcdn.com office365.com booking.comYou should also consider adding uri skips on your company domains. Especially if your mail clients append footers with your company url in each email. Because our DNS cache TTL is so low, each email containing your company domain could generate one or more queries.
uridnsbl_skip_domain mydomain.com mydomain.net mydomain.orgWith Datafeed over DNS service, we can also help you identify which domains are queried the most often and help you elimiate those queries to reduce your query volumes and costs. Contact dnsadmin@uribl.com for assistance.
For those that have no solution for the DNS workarounds listed above, we provide commercial Datafeed Service.
If you need more information regarding this issue, please contact the URIBL DNS Admin