[rbldnsd] how to make public (DNS)RBL?
Jon Lewis
jlewis at lewis.org
Thu May 14 01:08:09 MSD 2009
On Wed, 13 May 2009, Chris. wrote:
> I was wondering what the /best/ method/recipe would be to create a /public/ blocklist -
> not unlike spamcop, spamhaus, dnsbl, ordb, etc...
> I understand that techtheft.info doesn't think I should/want me to, but it's /my/ network,
> and /I/ want to. :)
> So, here's the deal; I've been working on a "trap" system for about a year. I can now say
> it works better than anything else available on the net - so why not share the benefits
> with all?
> So here's my current layout:
> Assuming my domain name is explodingspam (com, net, org)
> that the box that it's on is fuse.explodingspam.com
> that it is running the BIND
> that explodingspam.com is using one internet routable IP.

I'll offer a few pieces of advice.

1) Use a disposable domain. If explodingspam.com is your domain, and you
intend to keep it long term for other purposes than the public DNSBL,
don't use it for the DNSBL. Figure out another domain name to use
dedicated to the DNSBL. This makes it much easier to shut it down and
make all the traffic stop/go away when you eventually do shut it down.

2) If your system is as good as you say, you're going to need multiple
rbldnsd servers and some bandwidth. Don't expect to be able to do this on
a single colo machine or (worse) your home system on cable or DSL.

3) rbldnsd is intended to be a DNSBL name server only. If you're doing
authoritative DNS or caching DNS, you'll want/need to continue to run
something else for that (bind, djb's tools, etc.) and you're going to
need multiple IP addresses.

----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
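
The split described in points 1 and 3, as an added configuration sketch that is not part of the original post: BIND stays on one address and rbldnsd answers only for a dedicated DNSBL zone on a second address. The domain `dnsbl.example`, the 192.0.2.x addresses, the file paths, the `rbldns` user and the listed entries are all placeholders constructed for illustration.

```conf
# --- named.conf: BIND keeps authoritative/caching duty on its own IP ---
# 192.0.2.53 is a placeholder; BIND must not listen on rbldnsd's address.
options {
    listen-on { 192.0.2.53; };
    listen-on-v6 { none; };
};
zone "dnsbl.example" {
    type master;
    file "dnsbl.example.zone";
};

# --- dnsbl.example.zone (fragment): delegate the DNSBL label to rbldnsd ---
# Two rbldnsd servers, since one machine is not expected to carry the load.
bl    IN NS  ns1.dnsbl.example.
bl    IN NS  ns2.dnsbl.example.
ns1   IN A   192.0.2.54
ns2   IN A   198.51.100.54

# --- rbldnsd command line: DNSBL only, bound to the second IP ---
# -u run as this user, -r chroot directory, -b address/port,
# then zone:dataset-type:file (file path is relative to the chroot).
rbldnsd -u rbldns -r /var/lib/rbldnsd -b 192.0.2.54/53 \
    bl.dnsbl.example:ip4set:trap.ip4set

# --- /var/lib/rbldnsd/trap.ip4set: constructed sample data ---
$SOA 3600 ns1.dnsbl.example. hostmaster.dnsbl.example. 0 3600 900 604800 300
$NS 3600 ns1.dnsbl.example. ns2.dnsbl.example.
# Default A value and TXT text for the entries that follow.
:127.0.0.2:Listed by trap system
# Conventional test entry so users can verify their lookups work.
127.0.0.2
203.0.113.17
203.0.113.128/25
```

Because the DNSBL lives under its own domain, retiring the list later means dropping that one domain rather than touching the zones BIND serves for everything else.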