[rbldnsd] Using rbldnsd to blacklist websites
Wayne Sherman
wsherman at gmail.com
Fri Jan 26 01:44:25 MSK 2007
Michael Tokarev,
I want to use rbldnsd to blacklist abusive websites in addition to,
or instead of, spam hosts. A common practice is to use the hosts file to block abusive
websites by pointing them to a localhost address like 127.0.0.1. See here:
http://www.hosts-file.net/
and
http://www.mvps.org/winhelp2002/hosts.htm
Using this technique can bog down a Windows machine, and only benefits
one PC, not the whole LAN. So I want to use a lightweight DNS server
to filter out abusive domains for our whole network.
I can create a script to convert the host file format into a valid
rbldnsd dataset, but rbldns won't take "." (the root domain) as a domain:
RBLDNSD=" \
web-bl -r /var/lib/rbldnsd/web-bl -q -4 -b 192.168.141.7/53 \
.:dnset:test"
My test file contains:
.mydomain.com
another.com
I want to use rbldnsd to respond to normal domain queries like these:
badsite.com
avirussite.com
popupsite.net
anothervirus.fi
These will have to work, without appending anything else onto the domain.
The return value should return 127.0.0.2, another address of my choosing,
or some kind of domain not found error.
Is it possible to use rbldnsd in this way? Can a DNS server (BIND or
Windows 2003) be set up to forward queries for all its domains to rbldnsd
first for blacklist checking?
I have a feeling it might be better to use rbldnsd as the primary DNS
and have it be a proxy to the real DNS for domains it does not have
listed. That provides more control, and gives the option of returning
a "domain not found" error to the requester for blacklisted domains.
Another question: are you interested in adding a dataset type
for "hosts" file syntax?
Thanks,
Wayne
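
The hosts-to-dataset conversion mentioned in the message, as an added example (not code from the post or from the rbldnsd project). It assumes a dnset dataset takes one name per line, as in the test file above, and that a leading `:A:TXT` line sets the default return value; the function names, the sinkhole address set and the sample input are hypothetical.

```python
import re

# Addresses that hosts-style blocklists use to sink a name (assumption).
SINK_ADDRS = {"127.0.0.1", "0.0.0.0"}
# Names every hosts file maps to loopback; these must never be listed.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "local", "broadcasthost"}
# One DNS label: letters, digits, hyphen or underscore, no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9_-]{1,63}(?<!-)$")


def valid_name(name):
    """Accept only multi-label hostnames, so nothing malformed reaches the zone."""
    labels = name.split(".")
    return len(name) <= 253 and len(labels) >= 2 and all(LABEL.match(l) for l in labels)


def hosts_to_dnset(hosts_text, a_value="127.0.0.2", txt="Blocked website"):
    """Return (dataset_lines, skipped_names) for hosts-format input text."""
    names, skipped = set(), []
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2 or fields[0] not in SINK_ADDRS:
            continue                            # not a sinkhole entry
        for name in fields[1:]:                 # a line may carry several names
            name = name.lower().rstrip(".")
            if name in LOCAL_NAMES:
                continue
            if valid_name(name):
                names.add(name)                 # the set removes duplicates
            else:
                skipped.append(name)            # report, do not silently drop
    # ":A:TXT" sets the default answer for the entries that follow it (assumption).
    lines = [f":{a_value}:{txt}"] + sorted(names)
    return lines, skipped


# Constructed sample input, not taken from either hosts list linked above.
SAMPLE = """\
# sample hosts blocklist
127.0.0.1  localhost
127.0.0.1  badsite.com  # popups
0.0.0.0    AVirusSite.com popupsite.net.
127.0.0.1  bad_host..example
192.168.141.7 intranet.example
127.0.0.1  badsite.com
"""

if __name__ == "__main__":
    dataset, rejected = hosts_to_dnset(SAMPLE)
    print("\n".join(dataset))
```

Entries that fail validation are returned separately so a malformed upstream list can be reviewed before the dataset is reloaded.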