Testing DQS

Querying DQS means performing DNS queries, therefore testing access to it requires relying on tools that can perform DNS queries at request.

One of the most common tools for this purpose is -in the UNIX environment- dig, and the following documentation will rely on it for the examples.

For testing purposes, all the databases containing IP data list the IP 127.0.0.2, so the easiest way to check that a DQS key is working properly is querying for that IP against the desired DNSBL zone. For example:

$ dig ANY 2.0.0.127.<key>.zen.dq.spamhaus.net +noall +answer

; <<>> DiG 9.10.6 <<>> ANY 2.0.0.127.<key>.zen.dq.spamhaus.net +noall +answer
;; global options: +cmd
2.0.0.127.<key>.zen.dq.spamhaus.net. 60 IN	A 127.0.0.10
2.0.0.127.<key>.zen.dq.spamhaus.net. 60 IN	A 127.0.0.2
2.0.0.127.<key>.zen.dq.spamhaus.net. 60 IN	A 127.0.0.4
2.0.0.127.<key>.zen.dq.spamhaus.net. 60 IN	TXT "https://www.spamhaus.org/query/ip/127.0.0.2"
2.0.0.127.<key>.zen.dq.spamhaus.net. 60 IN	TXT "https://www.spamhaus.org/sbl/query/SBL2"

You may note that in the example above we’re performing a query for type ANY: this will, in general, return both the A and the TXT records.

In particular, the query against ZEN is returning

  • 3 A records, one for each database composing the ZEN zone

    • 127.0.0.2 for the SBL database

    • 127.0.0.4 for the XBL database

    • 127.0.0.10 for the PBL database

  • 2 TXT records

    • one pointing to the public lookup and removal tool (https://www.spamhaus.org/query/ip/127.0.0.2), provided by the XBL and PBL components

    • one containing the pointer to the listing information provided for this IP, provided by the SBL component