[rbldnsd] Using rbldnsd to blacklist websites

Jon Lewis jlewis at lewis.org
Sat Jan 27 23:44:31 MSK 2007


On Sat, 27 Jan 2007, Wayne Sherman wrote:

>> Since you just want to break some domains, is there a reason you can't just 
>> take your caching DNS server (I think you mentioned it was bind) and make 
>> it authoritative for the domains you want to break?  Point them all at the 
>> same file that has an SOA and
>> *    IN    A    127.0.0.1
>
> Yes, I could do that, but isn't the point of using rbldnsd that it is faster 
> and lighter (less memory) than Bind?  One could also use bind to serve spam 
> rbls instead of using rbldnsd.

Yes, but the point is rbldnsd is way more efficient than bind when serving 
zones with hundreds of thousands to millions of records.  If you're just 
going to be authoritative for a few hundred or maybe a few thousand zones, 
doing it in bind should be fine.

> That gives me an idea though.  I wonder if Bind is better/faster at serving 
> cached DNS records as opposed to authoritative zones?

I doubt that it matters.  The cache/auth data lives in the same cache...so 
the only real difference would be the start-up time when bind loads the 
zone data from files.

----------------------------------------------------------------------
  Jon Lewis                   |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
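
The shared-zone-file approach from the quoted suggestion above, as an added example that is not part of the original message: a shell sketch that prints one zone file and one named.conf stanza per blocked domain. The file name `blocked.zone`, the function names and the SOA values are assumptions; the NS and apex A records are added because BIND will not load a zone without an NS record and the wildcard does not cover the bare domain.

```shell
#!/bin/sh
# Added example: BIND config for "many zones, one zone file" blocking.
ZONEFILE="blocked.zone"   # assumed name, relative to named's directory

# Print the shared zone file. Every owner name is relative (@ and *),
# so the same file can be loaded for each blocked domain.
emit_zone_file() {
    cat <<'EOF'
$TTL 3600
@   IN  SOA localhost. root.localhost. ( 1 3600 900 604800 3600 )
@   IN  NS  localhost.
@   IN  A   127.0.0.1
*   IN  A   127.0.0.1
EOF
}

# Read domains on stdin (one per line, '#' comments allowed) and print a
# zone stanza for each valid, unique name. Names are validated before they
# are written inside quotes in named.conf, so a stray '"' or ';' in the
# list cannot alter the configuration. Rejected lines go to stderr.
emit_zone_stanzas() {
    tr 'A-Z' 'a-z' |
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e 's/\.$//' |
    sort -u |
    while IFS= read -r d; do
        [ -n "$d" ] || continue
        if printf '%s\n' "$d" |
           grep -Eq '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$'
        then
            printf 'zone "%s" { type master; file "%s"; };\n' "$d" "$ZONEFILE"
        else
            printf 'skipped invalid name: %s\n' "$d" >&2
        fi
    done
}

# Usage (paths are assumptions):
#   emit_zone_file > /var/named/blocked.zone
#   emit_zone_stanzas < domains.txt > /etc/named.blocked.conf
#   then include "/etc/named.blocked.conf"; from named.conf
```

Running `named-checkconf` on the result before reloading catches a bad include path or a duplicate zone definition.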

