Setting up a SURBL DNS mirror under Windows

This document about setting up a SURBL DNS mirror under Windows is largely the work of John Tan of a mail filter provider in Singapore. Thanks to John for sharing the instructions with the SURBL community.

Install and Configure wrbldnsd
  1. Download and run the wrbldnsd installer, wrbldnsd_1.2.1_Installer.exe, which includes Windows ports of rbldnsd, rsync, ssh and cygwin.

  2. Click "Next" on the screen below.

  3. Read the License Agreement and click "I Agree".

  4. Specify the location where you want to install to and click "Next".

  5. On this screen, specify the IP address that rbldnsd will listen on and the alternative port to use if port 53 is already used on your server. For the Zone-Dataset mapping, specify "multi.surbl.org:dnset:multi.surbl.org.rbldnsd".

  6. Click "OK" on the following prompt.

  7. Click "Close" to exit the wizard.

Configure rsync
  1. In a command window, navigate to the folder "<INSTALL-PATH>\bin" and execute the following command to perform the first rsync manually. 
      rsync -qa [RSYNC SERVER NAME HERE]::surbl/multi.surbl.org.rbldnsd ..\rbldnsd
    * The destination location must be "<INSTALL-PATH>\rbldnsd" in order for the next step to work. (The rsync server name will be provided in your data feed instructions.)

  2. Wait for the rsync to complete and you will be able to start the "rbldnsd" service under Windows Services.

  3. To schedule the subsequent rsyncs, we need to ensure that only one rsync can execute at any given time. Perform these steps:

    1. In the folder "<INSTALL-PATH>\bin", create an empty file named as "rsync.unlocked".

    2. Open a new text file using Notepad and create the following batch file. Save the file as "rsync.bat" in the folder "<INSTALL-PATH>\bin". 
      @echo off

If not exist rsync.locked (goto :rsync) else (goto :exit)

:rsync

rename rsync.unlocked rsync.locked

rsync -qa [RSYNC SERVER NAME HERE]::surbl/multi.surbl.org.rbldnsd ..\rbldnsd

rename rsync.locked rsync.unlocked

:exit

exit
    (The rsync server name will be provided in your data feed instructions.)
  4. Add a Windows Scheduler task to run "rsync.bat" every N minutes. Here are the specific steps:

    1. Under Control Panel -> Scheduled Tasks, click "Add Scheduled Task". Click "Next".

    2. Click "Browse" and select the "rsync.bat" file saved earlier depending on where you have saved it. Click "Next".

    3. Select "Daily" for the task schedule. Click "Next".

    4. Click "Next".

    5. Key in credentials of an administrator that can run the task.

    6. Click "Finish".

    7. Under Control Panel -> Scheduled Tasks, open the new task "rsync.bat". Under the "Schedule" tab, click "Advanced". Input the frequency that you will want the task to run (in this case 3 minutes) and enter 24 hours for the duration. Click "Ok" to close the window.

    8. Back on the Control Panel -> Scheduled Tasks, to test that the task is created properly, right click on the task and click "Run". The task should run

Configure the mail filter application to use the new local DNS mirror

 Configuring your mail filtering application to use the new local DNS mirror will be highly-dependent on the particular application. However the principle will be the same: tell the application to use the new local mirror on the local IP and port as specified above. Therefore the techniques or principles below may work with your application also.

For example, for ClearSwift Mailsweeper:

Setting up ClearSwift Mailsweeper for SMTP 5.x Software to use SURBL Cache

The software is hardcoded to use the domain multi.surbl.org and there is no way to change that in the Policy Manager. (If it could be changed, then you could simply use a local domain name for the local mirror, like surbl.mylocaldomain.com hosted on or forwarded from your regular local DNS server.) Since they can't be changed in Mimesweepeer, the lookups to the public servers are via the configured DNS servers.

Hence, there are two ways to point the software to query our SURBL cache: set up the new mirror on the existing recursive DNS server, or set up the new mirror on a local server and also set up the same server to act as a DNS forwarder.

  1. Add a new zone on the existing DNS servers used by your Mailsweeper server

    On the existing recursive nameserver that the mail filter uses, create a new forward zone multi.surbl.org to forward all queries to the IP of your SURBL cache. The DNS servers will act as a forwarder and help to forward all SURBL queries to the SURBL cache.

  2. Install BIND for Windows on the same SURBL cache server (if you do not have control over your provider's DNS servers)

    During the installation of wrbldnsd, specify rbldnsd to run on another port e.g. "127.0.0.1/54". Install BIND for Windows. The latest BIND version 9.6.0 cannot run on Windows 2000 Server; the minimum version is WinXP Pro or Windows 2003 Server. Configure BIND for Windows to forward recursive requests (for all other zones) to your provider's DNS servers. Define the following zone in your named.conf file to forward requests to the local SURBL cache. 

    zone "multi.surbl.org" IN { 
	type forward; 
	forward first; 
	forwarders { 
		127.0.0.1 port 54; 
	}; 
};
    (Note that BIND zone forwarding is the same technique used with Unix.)

    Lastly on the Mailsweeper servers, set the first DNS server entry to the IP of this machine which BIND is listening on. Set the second and any additional IPs to the provider's DNS servers. This creates a failover redundancy. Should the local server go down, the queries go to your provider's DNS instead. Alternatively, set up additional local mirrors and add them as the second IP, etc.