[rbldnsd] Newbie questions

Skull skull at skullkrusher.net
Mon May 16 14:33:05 MSD 2011


On 5/16/11 12:04 PM, Phoenix Kiula wrote:
> Thanks for this patient explanation. Very useful.
> 
> I think I need to rephrase my question.
> 
> With my /etc/resolv.conf already having 127.0.0.1, and BIND already
> locally caching some results (as on Linux Cpanel it does), wouldn't I
> get the local cache going even *without* rbldnsd?  I mean let's
> presume I have NOT installed rbldnsd yet, and I have my
> /etc/resolv.conf.
> 
> When I do this:
> 
>      dig a 36.94.21.46.sbl-xbl.spamhaus.org  @127.0.0.1
> 
> I already get the answer from the local cache, right? Even without rbldnsd?

Yes and no. :-)
It's coming from your resolver, AND it's cached, as every DNS query is.
The first time you query for that specific record your resolver has to
ask Spamhaus's public nameservers; then it puts the answer in its cache
and if a second lookup for the same record is done within the TTL of the
record, then BIND replies with cached data instead of doing another lookup.

If you configure a local rbldnsd instance, no query is done toward
Spamhaus nameservers, 'cause your local one is queried instead.


You may want to run your own rbldnsd instance for 2 reasons (usually).
The first one is you want to create *your own* blacklist.
The second one is you want to query a local instance of a well-known
DNSBL (like Spamhaus or SURBL ones) instead of using its public nameservers.

This happens because several public DNSBLs (both Spamhaus and SURBL,
actually) allow you to use their public resources only if your lookup
traffic is below a certain threshold.
See
http://www.spamhaus.org/organization/dnsblusage.html
http://www.surbl.org/usage-policy
respectively.

If you're above those thresholds, you're expected to pay for an rsync
access to their zonefiles, run your own rbldnsd instance and query it
instead of relying on their public infrastructure.


(also, you may want to run your own rbldnsd instance to obtain a lower
latency for performance, but organizations really needing that usually
are far above those thresholds)


-- 
Paranoia is a disease unto itself. And may I add: the person standing
next to you may not be who they appear to be, so take precaution.
-----------------------------------------------------------------------------
http://bofhskull.wordpress.com/
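The two points in the reply above (a DNSBL lookup is just an A query for the reversed IP under the list's zone, and a caching resolver only goes to the public nameservers once per TTL, or never if a local rbldnsd answers) can be modelled in a few lines. The following is an added example, not code from the thread or from the rbldnsd project; the resolver, the nameserver stand-ins, the 300 s TTL and the 127.0.0.2 listing answer are all constructed here for illustration.

```python
import ipaddress

# Zone queried in the thread; reused here only as a name string.
ZONE = "sbl-xbl.spamhaus.org"


def dnsbl_query_name(ip: str, zone: str = ZONE) -> str:
    """Build the DNSBL query name: IPv4 octets reversed, then the list zone.
    46.21.94.36 -> 36.94.21.46.sbl-xbl.spamhaus.org (the name dug in the thread)."""
    addr = ipaddress.IPv4Address(ip)          # raises ValueError on a malformed address
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}.{zone}"


class FakeClock:
    """Deterministic clock so TTL expiry can be shown without sleeping."""
    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


class Nameserver:
    """Constructed stand-in for an authoritative DNSBL server (public or local rbldnsd).
    Listed names answer 127.0.0.2 (the usual DNSBL convention); others answer None (NXDOMAIN).
    Every call is counted so we can see how much traffic reaches this server."""
    def __init__(self, name: str, listed, ttl: int = 300) -> None:
        self.name, self.listed, self.ttl, self.queries = name, set(listed), ttl, 0

    def __call__(self, qname: str):
        self.queries += 1
        return ("127.0.0.2" if qname in self.listed else None, self.ttl)


class CachingResolver:
    """Minimal model of a BIND-like caching resolver on 127.0.0.1:
    an answer is reused until its TTL runs out, then the upstream is asked again."""
    def __init__(self, upstream: Nameserver, clock=FakeClock()) -> None:
        self.upstream = upstream
        self.clock = clock
        self.cache = {}            # qname -> (answer, expires_at)

    def lookup(self, qname: str):
        """Return (answer, served_from_cache)."""
        now = self.clock()
        hit = self.cache.get(qname)
        if hit is not None and hit[1] > now:
            return hit[0], True
        answer, ttl = self.upstream(qname)
        self.cache[qname] = (answer, now + ttl)   # negative answers are cached too
        return answer, False


def demo() -> dict:
    """Walk through the scenarios from the thread and return the observations."""
    qname = dnsbl_query_name("46.21.94.36")
    listed = {qname}                       # constructed: pretend this address is listed

    # Scenario 1: no local rbldnsd, BIND forwards to the public nameservers.
    clock = FakeClock()
    public = Nameserver("public spamhaus", listed)
    resolver = CachingResolver(public, clock)
    first = resolver.lookup(qname)         # goes upstream
    second = resolver.lookup(qname)        # within TTL: cache hit
    clock.advance(301)                     # TTL of 300 s has expired
    third = resolver.lookup(qname)         # upstream again
    public_queries_cache_only = public.queries

    # Scenario 2: a local rbldnsd instance (fed from a zone copy) is the upstream instead.
    public2 = Nameserver("public spamhaus", listed)
    local = Nameserver("local rbldnsd", listed)
    resolver2 = CachingResolver(local, FakeClock())
    resolver2.lookup(qname)
    resolver2.lookup(qname)

    return {
        "qname": qname,
        "first": first, "second": second, "after_ttl": third,
        "public_queries_cache_only": public_queries_cache_only,   # 2: one per TTL window
        "public_queries_with_local_rbldnsd": public2.queries,     # 0: public servers never contacted
        "local_queries_with_local_rbldnsd": local.queries,        # 1: the rest is cache
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The model deliberately caches negative answers as well, because a resolver does the same; the practical consequence is that the cache only helps repeat lookups of the *same* address, so a busy mail server still sends one public query per distinct sender address per TTL, which is exactly the traffic the usage thresholds count.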