# is good use Google for SpamHaus records resolution ?
# First our scenario was a Zimbra server with dnsmasq
# file /etc/resolv.conf was compiled like

127.0.0.1
8.8.8.8

on 127.0.0.1 was listening just DnsMasq (it has some lines to
resolve mail.domain.xx with local address 192.168.1.x )

Every query TXT to zen.spamhaus.org were routed to google dns
8.8.8.8 . This Google DNS is not able to check in realtime spamhaus
servers and return us if an ip address is blackslisted.

The solution is use bind, it has to listen just on 127.0.0.2.
Here just the command to enable it:
ifconfig lo:0 127.0.0.2 netmask 255.0.0.0

then we have to edit /etc/named.conf and insert this line:
listen-on { 127.0.0.2/32; };

reload bind: /etc/init.d/named restart

now edit the file '/etc/resolv.conf'
remove the google dns and the file will look like:

127.0.0.1
127.0.0.2