[rbldnsd] The basics - help

Steve E. Mosher steve at moshtech.com
Thu Feb 15 04:58:35 MSK 2007


Thanks for the replies folks.  All this assistance and these concept ideas are
great!

- Whether the zones are all loading properly.
- Check your syslog or output from rbldnsd startup for lines with
- warnings and errors. If a zonefile line cannot be validated it is
- dropped from the live zone and the blocking-hit will never occur.

I am seeing them ALL load correctly in the syslog so I'm safe there.

- Where you are getting the country data.
- The RIR sources are well-known for their high rates of bad or
- misleading content and the alternative manual efforts at fixing it are
- by nature always behind the facts.

The site I'm grep'ing data from is completewhois.com

I will be removing the (first forward;) from the zone tables in the
conf.

--Mosher



-----Original Message-----
From: rbldnsd-bounces at corpit.ru [mailto:rbldnsd-bounces at corpit.ru] On
Behalf Of amos at treenetnz.com
Sent: Wednesday, February 14, 2007 12:51 PM
To: Small Daemon for DNSBLs
Cc: rbldnsd at corpit.ru
Subject: Re: [rbldnsd] The basics - help

> Hi folks,
>
> I just have a couple questions and I am currently trying to pinpoint if
> I'm doing this correctly.
>
> The scenario and setups are as follows.
>
> This is a Gentoo Linux distro.
> BIND version 9.4.0
> rbldnsd version 0.996
> Postfix version 2.3.7
>
> Sample of named.conf ...
>
> Setting up a forward of each CIDR ip pool based on country.
>
> zone "AE.blocked.rbl" IN {
>   type forward;
>   forward first;
>   forwarders {
>     127.0.0.1 port 530;
>   };
> };
> zone "AF.blocked.rbl" IN {
>   type forward;
>   forward first;
>   forwarders {
>     127.0.0.1 port 530;
>   };
> };
> zone "AG.blocked.rbl" IN {
>   type forward;
>   forward first;
>   forwarders {
>     127.0.0.1 port 530;
>   };
> };

You may be able to reduce this bit of the configuration a lot by using:
zone "blocked.rbl" IN {
  type forward;
  forward first;
  forwarders {
  127.0.0.1 port 530;
  };
};

rbldnsd will return NXDOMAIN for _anything_ outside its specified and
correctly loaded zone content. This produces a possible answer to your
other question about UK.

The catch-22 is when you are wanting to publish any other subzone of
'blocked.rbl' that are not being served by rbldnsd.
Which is not usually the case but _might_ occur.

The rest of the configs look okay.

>
> -----------------------------------------
>
>
> I'm just trying to figure out if I'm getting this down right or not.
>
> I seem to have issues with (I think) not picking up some of the countries,
> like per se the UK codes.  They are still getting thru.  I'm just
> trying to get a grasp on if my approach is correct.  Any advice would be
> greatly appreciated.  If anyone needs more info I can provide that.
>
> Thanks folks.
>
> --Mosher

The results there depend on two very important things:

 - Where you are getting the country data.
    The RIR sources are well-known for their high rates of bad or
misleading content and the alternative manual efforts at fixing it are
by nature always behind the facts.

 - Whether the zones are all loading properly.
    Check your syslog or output from rbldnsd startup for lines with
warnings and errors. If a zonefile line cannot be validated it is
dropped from the live zone and the blocking-hit will never occur.


AYJ

_______________________________________________
rbldnsd mailing list
rbldnsd at corpit.ru
http://www.corpit.ru/mailman/listinfo/rbldnsd
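Added example, not code from rbldnsd or from either poster: a small Python model of the two points AYJ makes above, that a zone line which fails validation is dropped with a warning and never produces a hit, and that anything outside loaded zone content (an unlisted address, or a subzone such as UK.blocked.rbl that was never loaded) answers NXDOMAIN, which is why one parent forward zone for "blocked.rbl" is enough. The entry syntax it accepts (a.b.c.d/n, a.b.c.d, a shortened a.b.c prefix, an optional ":A:TXT" suffix, '#' comment lines) is an assumption modelled on the ip4set format; real rbldnsd parsing is stricter and richer, and the sample zone is constructed, not real country data. All function names are mine.

```python
"""Simplified model of rbldnsd serving an ip4set-style DNSBL zone (assumption:
entry syntax a.b.c.d/n, a.b.c.d, shortened a.b.c prefix, optional :A:TXT,
'#' comment lines). Not rbldnsd's own code."""
import ipaddress
import logging

log = logging.getLogger("rbldnsd-model")
DEFAULT_A = "127.0.0.2"   # conventional DNSBL "listed" answer


def _expand_prefix(entry):
    """Assumed shorthand: '203.0.113' -> '203.0.113.0/24', '10' -> '10.0.0.0/8'."""
    if "/" in entry:
        return entry
    parts = entry.split(".")
    if 1 <= len(parts) < 4:
        return ".".join(parts + ["0"] * (4 - len(parts))) + "/%d" % (8 * len(parts))
    return entry


def parse_ip4set(text):
    """Return (entries, dropped_line_numbers). entries: list of (network, A value).
    A line that fails validation is logged and dropped, as described on the
    list for rbldnsd: it never produces a blocking hit."""
    entries, dropped = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        addr, _, rest = line.partition(":")
        a_value = rest.split(":", 1)[0].strip() or DEFAULT_A
        try:
            net = ipaddress.ip_network(_expand_prefix(addr.strip()), strict=False)
            if net.version != 4:
                raise ValueError("ip4set holds IPv4 only")
            ipaddress.ip_address(a_value)      # the A value must itself be an address
        except ValueError as exc:
            log.warning("line %d dropped (%s): %r", lineno, exc, raw)
            dropped.append(lineno)
            continue
        entries.append((net, a_value))
    return entries, dropped


def dnsbl_qname(client_ip, zone):
    """Build the query a mail server sends: reversed octets under the zone."""
    return ".".join(reversed(client_ip.split("."))) + "." + zone


def answer(qname, zones):
    """Model the daemon's answer: the A value for a hit, None for NXDOMAIN.
    zones maps zone name -> entries from parse_ip4set(); the longest matching
    zone suffix wins, so GB.blocked.rbl beats blocked.rbl if both are loaded."""
    for zone in sorted(zones, key=len, reverse=True):
        suffix = "." + zone
        if not qname.lower().endswith(suffix.lower()):
            continue
        labels = qname[: -len(suffix)].split(".")
        if len(labels) != 4:
            return None                        # not of the form d.c.b.a.zone
        try:
            ip = ipaddress.ip_address(".".join(reversed(labels)))
        except ValueError:
            return None
        for net, a_value in zones[zone]:
            if ip in net:
                return a_value
        return None                            # inside the zone, but not listed
    return None                                # outside every loaded zone


# Constructed sample zone for GB.blocked.rbl (documentation ranges, not real
# country data); the last line is deliberately invalid and will be dropped.
GB_ZONE = """\
# GB.blocked.rbl, ip4set, constructed for this example
192.0.2.0/24
198.51.100.0/24:127.0.0.3:listed for test
203.0.113
300.1.1.0/24
"""


def build_zones():
    """Load the sample zone the way a daemon would at startup."""
    entries, dropped = parse_ip4set(GB_ZONE)
    return {"GB.blocked.rbl": entries}, dropped


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    zones, dropped = build_zones()
    print("dropped lines:", dropped)
    for ip, zone in [("192.0.2.10", "GB.blocked.rbl"), ("10.1.1.1", "GB.blocked.rbl"),
                     ("192.0.2.10", "UK.blocked.rbl")]:
        q = dnsbl_qname(ip, zone)
        print(q, "->", answer(q, zones) or "NXDOMAIN")
```

The same check against the live daemon is a `dig @127.0.0.1 -p 530 <reversed-address>.<zone> A` for one address from a range you know is in each zone file; a NXDOMAIN there means the line was dropped at load or the zone never loaded. One BIND caveat worth keeping in mind when collapsing to a single forward zone: with `forward first`, named falls back to ordinary recursion if the forwarder does not answer, so a stopped rbldnsd turns every `blocked.rbl` lookup into a query sent out to the public DNS, whereas `forward only` fails closed to the forwarder.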