[rbldnsd] Using rbldnsd to blacklist websites
Michael Tokarev
mjt at tls.msk.ru
Wed Jan 31 19:30:26 MSK 2007
Wayne Sherman wrote:
>> One more comment. I guess you'd want to REFUSE the query to the base DN
>> right away. Here:
>>
>> if (qi.qi_dnlab == 0) { /* query to base zone: SOA and NS */
>> refuse(DNS_R_REFUSED); <== this place
>> ...
>> }
>>
>> without all the other stuff in this if() statement.
>
> I not sure I understand what that code does. What part is the base zone?
Not a part of it, but THE base zone....
> For example, is the base zone of "awebsite.com" the last part ".com"?
it's the "com", which is a base for awebsite.
> And for a query of a TLD like ".com" we would always refuse so bind will
> go out to the root servers to look it up?
Yes, exactly.
/mjt
More information about the rbldnsd
mailing list