November
Mon	Tue	Wed	Thu	Fri	Sat	Sun
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30

[06:55:22] <obergix> > <@Salamandar:matrix.org> Bon on va continuer la discussion ici

Ah, avais pas vu... Pas cité, pas de notif ;-)... Regarderai quand je peux
[08:28:24] <obergix> Répondu dans le thread du forum. /etc/environment vide, au départ... ça doit expliquer des choses sur les suppositions des devs dans le script, etc.
[08:28:41] <obergix> aussi:
```
# cat /etc/default/locale
LANG=C.UTF-8
[08:28:50] <obergix> aussi:
`
# cat /etc/default/locale
LANG=C.UTF-8
`
[08:28:58] <obergix> aussi:
```
# cat /etc/default/locale
LANG=C.UTF-8
```
[08:33:11] <obergix> Réessayé :
```
3/5 • Apply various tweaks to prepare installation

/etc/environment: line 1: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8): No such file or directory
Done!


4/5 • Adding YunoHost repository to apt

Done

5/5 • Installing YunoHost

'apt-get install --assume-yes -o Dpkg::Options::=--force-confold -o APT::install-recommends=true yunohost yunohost-admin postfix' failed. Please check /var/log/yunohost-installation_20251102_083039.log for debugging

[FAIL] Installation of YunoHost packages failed
[INFO] Installation logs are available in /var/log/yunohost-installation_20251102_083039.log
root@test-ynh2:~# cat /etc/environment
LC_ALL="en_US.UTF-8"
```
[08:40:30] <obergix> Avant postinstall:
```
# yunohost user list --quiet --output-as json
Error: YunoHost is not correctly installed. Please run 'yunohost tools postinstall'
[08:40:34] <obergix> Avant postinstall:
```
# yunohost user list --quiet --output-as json
Error: YunoHost is not correctly installed. Please run 'yunohost tools postinstall'
```
[08:40:37] <obergix> ;-)
[08:46:59] <obergix> Après une postinstall CLI, mais qui n'affiche plus le problème de jq, j'obtiens bien:
```
# yunohost user list --quiet --output-as json
{"users": {"olivier": {"username": "olivier", "fullname": "Olivier Admin", "mail": "olivier@yolo.test", "mailbox-quota": "0"}}}
```
[08:47:11] <obergix> Peut-être juste un problème dans le postinstall Web ?
[08:49:54] <obergix> Bon, et postfix est toujours marqué dead dans le diag :-(
[08:56:56] <Salamandar> C'est normal. Mais c'est parce que ton vps n'a pas de locales installées, c'est un setup étonnant mais pas problématique
[08:57:50] <Salamandar> Oui mais il est OK en fait... J'ai du mal à comprendre
[09:14:04] <obergix> pamieu
[09:14:52] <obergix> Boh, en même temps, comme dovecot est tout pêté, osef que postfix marche en mode halloween ;)
[09:20:36] <obergix> The docs don't seem to mention such detail in https://doc.next.yunohost.org/admin/get_started/install_on/on_top_of_debian#-main-domain
[09:21:04] <obergix> I guess the guidelines given at the end of initial install don't really provide guidance on which option is preferrable : CLI or Web, but if they're not exactly interchangeable, then maybe those guidelines could be improved?
[09:21:41] <obergix> Q: My understanding is that the DynDNS stuff is only proposed to the admin in the Web postinst, whereas there's nothing advertized in the CLI postinst... correct? Or at the `Main domain:` prompt in the CLI, one may use something in .nohost.me / .noho.st / .ynh.fr, which will configure the dyndns (including reverse), but one has to guess ?
[10:18:39] <Salamandar> why are you on doc.next ? :D
[10:18:45] <Salamandar> it's actually out of date i guess
[10:37:09] <Salamandar> Now i get your locale issue : en_US is not enabled in locale.gen and locale-gen needs to be rerun
[10:43:59] <Salamandar> and when bash sees LC_ALL being defined, it tries to change to the locale but it didn't exist when the bash process was first started…
[10:44:49] <Salamandar> so let's just silence the warning
[11:00:16] <Salamandar> Je peux reproduire le problème mais seulement avec gandi…
[11:01:57] <Salamandar> et ça arrive tout le temps sur à peu près les mêmes paquets :D
[11:02:17] <Salamandar> je reproduis en rm /var/cache/apt/archives/* et en relançant apt upgrade
[11:08:28] <Salamandar> mais on dirait que openssl est cassé chez gandi, quand on regarde tes autres logs on voit :
2025-11-01 16:49:42,280: DEBUG - Failed to download logo e94b6310e56c081814ed98d7eb2023425dc23efe47e743385f93d1800e7c6ebe : HTTPSConnectionPool(host='apps.yunohost.org', port=443): Max retries exceeded with url: /default/v3/logos/e94b6310e56c081814ed98d7eb2023425dc23efe47e743385f93d1800e7c6ebe.png (Caused by SSLError(SSLEOFError(8, '[SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1029)')))
[11:18:45] <Salamandar> Par contre ton soucis de jq j'arrive pas à le reproduire
[11:20:13] <Salamandar> aw crap
[11:20:13] <obergix> > <@Salamandar:matrix.org> it's actually out of date i guess

Dunno... Googling gives stuff
[11:20:42] <Salamandar> gotta take it down now that we merged the "automagic PR preview" PR
[11:21:19] <Salamandar> anyways, the apt issue is weird, and clearly that's not a bug on our end. Gotta see how we can mitigate that… but restarting the install script works fine tbh
[11:23:30] <obergix> > <@Salamandar:matrix.org> anyways, the apt issue is weird, and clearly that's not a bug on our end. Gotta see how we can mitigate that… but restarting the install script works fine tbh

Maybe using default mirrors instead of shitty Gandi ones would help...
[11:34:17] <Salamandar> ¯\_(ツ)_/¯ maybe
[11:34:47] <Salamandar> but i don't think we can make that decision for the user
[11:38:07] <Salamandar> can be a stupid retry like that https://github.com/YunoHost/install_script/pull/88
[11:40:09] <Salamandar> even from the webadmin
[13:24:17] <Salamandar> OK so mail sending from trixie now works:
[13:24:33] <Salamandar> and receiving too
[13:24:33] <Salamandar> https://aria.im/_bifrost/v1/media/download/AR1n9NHQaDUFY7rkuaGBwXe7HMv43bhHS7gT--LJ7g6ReuRMBtNFT-cbRZ3hPPFtaBlOAGksTLMkvg7TH8RF6fNCeaSePnFwAG1hdHJpeC5vcmcvV3p3aGRPckxubUNSWUFlSURHbHBTa0Fy
[13:25:06] <Salamandar> but uh, i don't get *how* it could work :D
[13:25:41] <Salamandar> Ah
[13:25:54] <Salamandar> I guess the undelivered mail notification is given to postfix when it connects to example.com
[13:26:16] <Salamandar> (actual reception from the outside world CAN'T work: i'm on a container on my laptop)
[13:29:38] <Salamandar> FYI @Alekswag:matrix.org antispam doesn't exist anymore in dovecot, we need to use either rspamd or sieve scripts
[13:31:26] <Aleks (he/him/il/lui)> hmpf i dont even know what it did ?
[13:32:18] <Aleks (he/him/il/lui)> was it flagging mail as spam depending on basic stuff like dkim signing or somthing ?
[13:38:56] <Salamandar> i'm not entirely sure
[13:39:08] <Salamandar> but actually yunohost adds a "move to junk if X-Spam" filter
[13:52:05] <Aleks (he/him/il/lui)> Anyway oneday™ we should dig what could be a lightweight, minimal antispam, i see several packages in debian such as bogofilter, bmf, bsfilter, ifile, mailfilter, pyzor/razor, spamoracle, ...
[14:29:33] <Salamandar> aya i see a weird behaviour in email address management
[14:29:45] <Salamandar> if mydomain.tld is managed by yunohost, a incoming mail to me@sub.mydomain.tld is rerouted to me@mydomain.tld
[14:34:48] <Salamandar> (and in my case, my MX for mydomaint.ld is not the yunohost server, so postfix reroutes to the MX…)
[14:36:28] <Salamandar> Ah, so changing the mail domain of the server fixes the issue
[14:36:33] <Salamandar> (to a subdomain)
[14:40:29] <rodinux> Again some problems with openresolver...
[14:47:00] <rodinux> This time I have a different result with dig
```
dig +short 23.129.209.213.zen.spamhaus.org
127.255.255.254
[14:49:47] <rodinux> I see  «This return code indicates that you made the DNSBL query via a DNS resolver that isn't conforming with our usage terms, i.e., is making an excessive number of queries. Consequently, the query is blocked, and it will return no reputation data.»
[14:50:44] <rodinux> wtf
[15:02:58] <Aleks (he/him/il/lui)> and /etc/resolv.conf still contains just `nameserver 127.0.0.1` and dnsmasq conf is up to date according to regenconf ?
[15:03:54] <rodinux> yes for resolv.conf
[15:05:10] <rodinux> also for dnsmasq
[15:08:53] <rodinux> Yesterday I have try edit `/usr/share/yunohost/conf/dnsmasq/plain/resolv.dnsmasq.conf` to comment DNS4all resolvers, and regen-conf dnsmasq and it fixed a error from someone trying to send me a message... But I have try now let again these resolvers and do regen-conf dnsamasq again...
[15:17:10] <rodinux> It is really strange because when I saw the diagnosis today I have try as I said comment or uncomment the entris for DNS4all and at a moment the dig was correct... but after restarting dnsmasq and postfix the error comes back ???
```
root@linux07:~# yunohost tools regen-conf dnsmasq -n -d
Success! The configuration would have been updated for category 'dnsmasq'
dnsmasq:
applied:
/etc/resolv.dnsmasq.conf:
diff: @@ -1,11 +1,13 @@
+nameserver 185.233.100.101
+nameserver 194.150.168.168
+nameserver 2a0c:e300::100
+nameserver 2001:678:8::3
+nameserver 2a0c:e300::1337
+nameserver 2001:1608:10:25::9249:d69b
+nameserver 89.234.141.66
+nameserver 45.67.81.23
+nameserver 185.233.100.100
+nameserver 2a0c:e300::101
+nameserver 194.0.5.3
+nameserver 2a00:5881:8100:1000::3
nameserver 2001:1608:10:25::1c04:b12f
-nameserver 89.234.141.66
-nameserver 2a0c:e300::100
-nameserver 185.233.100.101
-nameserver 45.67.81.23
-nameserver 2001:1608:10:25::9249:d69b
-nameserver 2a00:5881:8100:1000::3
-nameserver 194.150.168.168
-nameserver 2a0c:e300::101
-nameserver 185.233.100.100
-nameserver 2a0c:e300::1337
status: updated
pending:
root@linux07:~# yunohost tools regen-conf dnsmasq -f
Success! Configuration updated for 'dnsmasq'
dnsmasq:
applied:
/etc/resolv.dnsmasq.conf:
status: updated
pending:
root@linux07:~# dig +short 23.129.209.213.zen.spamhaus.org
127.255.255.254
root@linux07:~# nano /usr/share/yunohost/conf/dnsmasq/plain/resolv.dnsmasq.conf
root@linux07:~# yunohost tools regen-conf dnsmasq -n -d
Success! The configuration would have been updated for category 'dnsmasq'
dnsmasq:
applied:
/etc/resolv.dnsmasq.conf:
diff: @@ -1,13 +1,11 @@
+nameserver 2001:1608:10:25::1c04:b12f
+nameserver 89.234.141.66
+nameserver 2a0c:e300::100
nameserver 185.233.100.101
+nameserver 45.67.81.23
+nameserver 2001:1608:10:25::9249:d69b
+nameserver 2a00:5881:8100:1000::3
nameserver 194.150.168.168
-nameserver 2a0c:e300::100
-nameserver 2001:678:8::3
+nameserver 2a0c:e300::101
+nameserver 185.233.100.100
nameserver 2a0c:e300::1337
-nameserver 2001:1608:10:25::9249:d69b
-nameserver 89.234.141.66
-nameserver 45.67.81.23
-nameserver 185.233.100.100
-nameserver 2a0c:e300::101
-nameserver 194.0.5.3
-nameserver 2a00:5881:8100:1000::3
-nameserver 2001:1608:10:25::1c04:b12f
status: updated
pending:
root@linux07:~# yunohost tools regen-conf dnsmasq -f
Success! Configuration updated for 'dnsmasq'
dnsmasq:
applied:
/etc/resolv.dnsmasq.conf:
status: updated
pending:
root@linux07:~# dig +short 23.129.209.213.zen.spamhaus.org
127.0.0.2
127.0.0.9
root@linux07:~# dig +short 23.129.209.213.zen.spamhaus.org
127.0.0.2
127.0.0.9
root@linux07:~# yunohost service restart postfix
Success! Service 'postfix' restarted
root@linux07:~# yunohost service restart dnsmasq
Success! Service 'dnsmasq' restarted
root@linux07:~# dig +short 23.129.209.213.zen.spamhaus.org
127.255.255.254


[15:18:02] <Aleks (he/him/il/lui)> don't know how to debug further witthout direct access to the machine
[15:21:36] <rodinux> Wow, again I have try comment the DNS4all and
```
root@linux07:~# nano /usr/share/yunohost/conf/dnsmasq/plain/resolv.dnsmasq.conf
root@linux07:~# yunohost tools regen-conf dnsmasq -f
Success! Configuration updated for 'dnsmasq'
dnsmasq:
applied:
/etc/resolv.dnsmasq.conf:
status: updated
pending:
root@linux07:~# dig +short 23.129.209.213.zen.spamhaus.org
127.0.0.2
127.0.0.9
```
[15:23:41] <Aleks (he/him/il/lui)> yes, DNS4all is part of the equation, but just because it's banned by Spamhaus and postfix uses spamhaus to reject spam doesn't mean we should just remove DNS4all from the resolver pool entirely, for all we know Spamhaus could decide tomorrow to add all the other resolvers we use in our resolver pool to its ban list
[15:23:51] <Aleks (he/him/il/lui)> yes, DNS4all is part of the equation, but just because it's banned by Spamhaus and postfix uses spamhaus to reject spam doesn't mean we should just remove DNS4all from the resolver pool entirely, for all we know Spamhaus could decide tomorrow to add all the other resolvers we use in our resolver pool to its "open resolver" ban list
[15:25:25] <Aleks (he/him/il/lui)> can you share the output of `journalctl -u dnsmasq --no-pager --no-hostname -n 100 | grep -i spamhaus`
[15:26:10] <rodinux> Ok, it's a hell SpamHaus, they want users to pay for their sevices, isn't it ?

```
journalctl -u dnsmasq --no-pager --no-hostname -n 100 | grep -i spamhaus
Nov 02 16:04:53 dnsmasq[2188747]: using nameserver 82.118.21.219#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 213.81.185.73#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 2a00:12a8:8000::fff0:3#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 2a05:9404::e0#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 2a05:f480:2000:1246:9998:cf46:6cf8:1e7a#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 70.34.211.66#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 82.118.21.219#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 213.81.185.73#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 2a00:12a8:8000::fff0:3#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 2a05:9404::e0#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 2a05:f480:2000:1246:9998:cf46:6cf8:1e7a#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 70.34.211.66#53 for domain *.zen.spamhaus.org
Nov 02 16:04:53 dnsmasq[2191046]: using nameserver 82.118.21.219#53 for domain *.zen.spamhaus.org
Nov 02 16:19:58 dnsmasq[2191046]: using nameserver 213.81.185.73#53 for domain *.zen.spamhaus.org
Nov 02 16:19:58 dnsmasq[2191046]: using nameserver 2a00:12a8:8000::fff0:3#53 for domain *.zen.spamhaus.org
Nov 02 16:19:58 dnsmasq[2191046]: using nameserver 2a05:9404::e0#53 for domain *.zen.spamhaus.org
Nov 02 16:19:58 dnsmasq[2191046]: using nameserver 2a05:f480:2000:1246:9998:cf46:6cf8:1e7a#53 for domain *.zen.spamhaus.org
Nov 02 16:19:58 dnsmasq[2191046]: using nameserver 70.34.211.66#53 for domain *.zen.spamhaus.org
Nov 02 16:19:58 dnsmasq[2191046]: using nameserver 82.118.21.219#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 213.81.185.73#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a00:12a8:8000::fff0:3#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a05:9404::e0#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a05:f480:2000:1246:9998:cf46:6cf8:1e7a#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 70.34.211.66#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 82.118.21.219#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 213.81.185.73#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a00:12a8:8000::fff0:3#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a05:9404::e0#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a05:f480:2000:1246:9998:cf46:6cf8:1e7a#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 70.34.211.66#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 82.118.21.219#53 for domain *.zen.spamhaus.org

[15:28:25] <rodinux> It have comes back to bad reputation ??

```
dig +short 23.129.209.213.zen.spamhaus.org
127.255.255.254
[15:29:38] <Aleks (he/him/il/lui)> does it return a proper result if you use ` dig +short 23.129.209.213.zen.spamhaus.org @127.0.0.1` ?
[15:29:38] <rodinux> ```
dig +short 23.129.209.213.zen.spamhaus.org @127.0.0.1
127.255.255.254
[15:30:02] <Aleks (he/him/il/lui)> (╯°□°）╯︵ ┻━┻
[15:33:54] <rodinux> I have a pflogsum from yesterday... something like this
```
message bounce detail (by relay)
--------------------------------
dovecot (total: 2)
2 user unknown

message reject detail
---------------------
RCPT
blocked using zen.spamhaus.org (total: 8)
3 smtp2.nordnet.fr
2 mailjet.com
1 178.16.53.31
1 196.251.115.155
1 ovh.net

message reject warning detail: none

message hold detail: none

message discard detail: none

smtp delivery failures: none

Warnings
--------
postfix-script (total: 9)
3 not owned by root: /etc/postfix/./app_senders_login_maps
3 not owned by root: /etc/postfix/.
3 not owned by root: /etc/postfix/./app_senders_login_maps.db
smtpd (total: 52)
11 TLS library problem: error:0A000102:SSL routines::unsupported p...
5 non-SMTP command from unknown[167.94.138.177]: \026\003\003\001...
5 non-SMTP command from unknown[162.142.125.126]: \026\003\003\00...
4 hostname 37-166-52-168.coucou-networks.fr does not resolve to a...
4 non-SMTP command from unknown[162.142.125.126]: \026\003\001\00...
4 non-SMTP command from unknown[167.94.138.177]: \026\003\001\001...
4 non-SMTP command from ec2-3-131-215-38.us-east-2.compute.amazon...
3 hostname hostglobal.plus does not resolve to address 78.153.140...
1 hostname unused-space.coop.net does not resolve to address 206....
1 hostname scan-12.security.ipip.net does not resolve to address ...
1 non-SMTP command from unknown[194.165.16.166]: \003\000\000/*\3...
1 non-SMTP command from unknown[162.142.125.126]: \026\003\002\00...
1 non-SMTP command from unknown[167.94.138.177]: \026\003\002\001...
1 non-SMTP command from scan-18.shadowserver.org[65.49.20.67]: GE...
1 non-SMTP command from unknown[194.165.16.163]: \003\000\000/*\3...
1 non-SMTP command from unknown[91.238.181.94]: \003\000\000/*\34...
1 non-SMTP command from unknown[164.90.213.172]: GET / HTTP/1.0
1 non-SMTP command from unknown[2607:ff10:c8:594::5]: \026\003\00...
1 non-SMTP command from unknown[91.238.181.92]: \003\000\000/*\34...
1 non-SMTP command from ec2-3-83-145-39.compute-1.amazonaws.com[3...

[15:36:24] <rodinux> Perhaps the problem comes because yesterday my friend whith an Undelivered message have try few times to send a return answer before it match ???
[15:39:29] <Aleks (he/him/il/lui)> no, your DNS queries with `dig` are getting the return `127.255.255.254` even when explictly going through 127.0.0.1 so it's not related to postfix or email per-se...
[15:42:55] <Aleks (he/him/il/lui)> can you double-check that `ss -tulpn | grep "LISTEN.*127.0.0.1:53"` shows dnsmasq as the process listening on port 53
[15:44:08] <rodinux> Humm,,,,

```
ss -tulpn | grep "LISTEN.*127.0.0.1:53"
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=191))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=190))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=176))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=175))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=114))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=110))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=103))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=99))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=70))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=61))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=59))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=58))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=53))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=52))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=49))
tcp LISTEN 0 1024 127.0.0.1:5351 0.0.0.0:* users:(("turnserver",pid=1295381,fd=40))
[15:44:42] <Aleks (he/him/il/lui)> mokay, no dnsmasq in there ?
[15:44:44] <rodinux> It is a problem with the turnserver ??
[15:45:17] <Aleks (he/him/il/lui)> no ... it's just listening on port 5351 so the regex matched these lines ...
[15:45:39] <Aleks (he/him/il/lui)> let's check `ss -tulpn | grep "dnsmasq" | grep LISTEN` then ...
[15:46:23] <rodinux> I have do something like `iptables -t nat -A PREROUTING -p UDP --dport 443 -j REDIRECT --to-ports 5349` time ago...
[15:47:07] <Aleks (he/him/il/lui)> no idea why you'd do that but doesn't seem related to DNS resolution ...
[15:47:14] <rodinux> ```
ss -tulpn | grep "dnsmasq" | grep LISTEN
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:* users:(("dnsmasq",pid=2192463,fd=5))
tcp LISTEN 0 32 [::]:53 [::]:* users:(("dnsmasq",pid=2192463,fd=7))
[15:48:35] <Aleks (he/him/il/lui)> mokay, curious that your dnsmasq listens to 0.0.0.0 instead of 127.0.0.1 but that shouldn't be that much of a deal
[15:49:01] <Aleks (he/him/il/lui)> can you share `cat /etc/default/dnsmasq | grep -v '^#\|^$'` and `cat /etc/dnsmasq.conf`
[15:50:32] <rodinux> ```
cat /etc/default/dnsmasq | grep -v '^#\|^$'
ENABLED=1
CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
IGNORE_RESOLVCONF=yes

cat /etc/dnsmasq.conf
domain-needed
expand-hosts
localise-queries



interface=lo

resolv-file=/etc/resolv.dnsmasq.conf
[15:51:26] <Aleks (he/him/il/lui)> mokay, all normal here so gneh why is it listening to 0.0.0.0
[15:52:27] <Aleks (he/him/il/lui)> does `ls /etc/dnsmasq.d/ | grep -vF '.'` lists something else than `spamhaus` and `README` ?
[15:53:05] <rodinux> is it the node_exporter which have a hooks ??
[15:53:33] <Aleks (he/him/il/lui)> ... i don't know ... do you mean that node_exporter is a file listed in there ...
[15:53:50] <rodinux> nothing else
[15:54:23] <Aleks (he/him/il/lui)> let's have a look at `systemctl cat dnsmasq` then
[15:54:49] <Aleks (he/him/il/lui)> and `dnsmasq --version | head -n 1`
[15:57:26] <rodinux> ```
cat dnsmasq
# /lib/systemd/system/dnsmasq.service
[Unit]
Description=dnsmasq - A lightweight DHCP and caching DNS server
Requires=network.target
Wants=nss-lookup.target
Before=nss-lookup.target
After=network.target

[Service]
Type=forking
PIDFile=/run/dnsmasq/dnsmasq.pid

# Test the config file and refuse starting if it is not valid.
ExecStartPre=/usr/share/dnsmasq/systemd-helper checkconfig

# We run dnsmasq via the /usr/share/dnsmasq/systemd-helper script which acts
# as a wrapper picking up extra configuration files and then execs dnsmasq
# itself, when called with the "exec" function.
ExecStart=/usr/share/dnsmasq/systemd-helper exec

# The *-resolvconf functions configure (and deconfigure)
# resolvconf to work with the dnsmasq DNS server. They're called like
# this to get correct error handling (ie don't start-resolvconf if the
# dnsmasq daemon fails to start).
ExecStartPost=/usr/share/dnsmasq/systemd-helper start-resolvconf
ExecStop=/usr/share/dnsmasq/systemd-helper stop-resolvconf


ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target
[15:57:48] <rodinux> ```
dnsmasq --version | head -n 1
Dnsmasq version 2.90 Copyright (c) 2000-2024 Simon Kelley
[15:59:54] <Aleks (he/him/il/lui)> meh it's not even the fact that it listens to 0.0.0.0:53 that is suspicious, my server does this as well too in fact
[15:59:55] <Aleks (he/him/il/lui)> ¯\_(ツ)_/¯
[16:00:15] <Aleks (he/him/il/lui)> have you considered cyberexorcism
[16:02:04] <rodinux> with the `systemctl status dnsmasq` I see the line
```
Nov 02 16:19:59 linux07.fr dnsmasq[2192463]: read /etc/hosts - 15 names
[16:03:09] <rodinux> and I think I have edited few times `/etc/hosts` and not sure if is clear...
[16:03:17] <Aleks (he/him/il/lui)> well i doubt that you have anything related to spamhaus in it ...
[16:03:37] <rodinux> Ok, I believe you
[16:04:38] <rodinux> It have come back normal ??
```
dig +short 23.129.209.213.zen.spamhaus.org
127.0.0.2
127.0.0.9
[16:05:10] <rodinux> ```
dig +short 23.129.209.213.zen.spamhaus.org @127.0.0.1
127.0.0.2
127.0.0.9
[16:05:37] <Aleks (he/him/il/lui)> dnsmasq ~randomly picks a resolver in resolver pool, sometimes it picks DNS4all, sometimes it picks another one
[16:06:42] <Aleks (he/him/il/lui)> the question is why is it picking a resolver in the resolver pool despite that we explicitly define the resolver to use for spamhaus queries in /etc/dnsmasq.d/spamhaus
[16:07:24] <Aleks (he/him/il/lui)> and we even see explicitly in the journalctl logs

```
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a00:12a8:8000::fff0:3#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a05:9404::e0#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 2a05:f480:2000:1246:9998:cf46:6cf8:1e7a#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 70.34.211.66#53 for domain *.zen.spamhaus.org
Nov 02 16:19:59 dnsmasq[2192463]: using nameserver 82.118.21.219#53 for domain *.zen.spamhaus.org
```
[16:08:08] <Aleks (he/him/il/lui)> so yeah idk yeet the server into fire and let's go potatoes growing
[16:08:44] <Aleks (he/him/il/lui)> https://c.tenor.com/pah6cIxA5GAAAAAd/tenor.gif
[16:18:28] <rodinux> https://aria.im/_bifrost/v1/media/download/Aa4E9li02Yxgxr3HNMa5TBsrdIXpMh6nn4NKcZhSBorgWfGCL_WxxVLMMACpar0-DzHKb1k2NZvwfycJom2NVv1CeaSoNFwQAG1hdHJpeC5vcmcvU0pMRHZLeHZJREl1RkRWVVFNakJjaXdO
[18:16:44] <·☽•Nameless☆•777 · ±> Ghost in the shell 😮 ?