[rbldnsd] rbldnsd and blackholes.us
Vlad Z
vz at B3.ca
Fri Oct 7 23:58:53 MSD 2005
Michael,
thank you for your suggestions, my rbldnsd works fine now, effectively
blacklisting the entire world.
My next challenge is to exclude US and Canada from the list. Is there a way
to avoid manual editing of countries.rbl and somehow override the
configuration, excluding 2 zones from the file?
TIA
--
Vlad Z
>> # head -11 countries.rbl.bak
>> $SOA 3000 ns1.blackholes.us <http://ns1.blackholes.us>
hostmaster.blackholes.us <http://hostmaster.blackholes.us> 0 600 300 86400
>> 300 $NS 3000 ns1.blackholes.us <http://ns1.blackholes.us>
>>
>> $DATASET ip4set @
>
>This is for 'combined' dataset type, not for ip4set you're trying to use it
with. Combined dataset is a 'container'
>for other usual datasets. Read the manpage for more details.
>It'd be nice to have some comment(s) on the top of the data files
mentioning the format/type...
>
>BTW, I don't recommend this way/sort of data distribution.
>Since you're loading/using this data in your environment, with your local
base zone name and your nameserver(s), it's wrong to list their nameservers
in the data files.
>I suggest you to add yet another file for the dataset, where you list your
own rbldnsd hostname in a form of $NS record as above:
>
> ... countries.blocked.rbl:combined:meta,countries.rbl.bak
>
>where file 'meta' contains just one line:
>
> $NS 3000 your.rbldnsd.name <http://your.rbldnsd.name> your.rbldnsd.name<http://your.rbldnsd.name>
>
>(yes, repeat it two times, it's a temporary hack to work around that
>"NS compatibility mode" which will be removed for version 1.0...)
>
>> 127.0.0.2:127
<http://127.0.0.2:127>.0.0.2:countries.blackholes.us<http://countries.blackholes.us>
>>
>> $DATASET generic @
>> @ TXT "See http://blackholes.us/"
>> @ A 216.243.118.34 <http://216.243.118.34>
>
>I'd suggest to blackholes.us <http://blackholes.us> maintainer(s) to move
the above section to a separate small file, together with $NS record(s), so
that the data files will not contain any "site-specific"
>information and will be easily owerwritable locally.
>
>> $DATASET ip4set af
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.corpit.ru/pipermail/rbldnsd/attachments/20051007/7e51aeb3/attachment.htm
More information about the rbldnsd
mailing list