[rbldnsd] how to make public (DNS)RBL?

Lyle Giese lyle at lcrcomputer.net
Thu May 14 01:14:52 MSD 2009


Jon Lewis wrote:
> On Wed, 13 May 2009, Chris. wrote:
>
>> I was wondering what the /best/ method/recipe would be to create a
>> /public/ blocklist -
>> not unlike spamcop, spamhaus, dnsbl, ordb, etc...
>> I understand that techtheft.info doesn't think I should/want me to,
>> but it's /my/ network,
>> and /I/ want to. :)
>> So, here's the deal; I've been working on a "trap" system for about a
>> year. I can now say
>> it works better than anything else available on the net - so why not
>> share the benefits
>> with all?
>> So here's my current layout:
>> Assuming my domain name is explodingspam (com, net, org)
>> that the box that it's on is fuse.explodingspam.com
>> that it is running the BIND
>> that explodingspam.com is using one internet routable IP.
>
> I'll offer a few pieces of advice.
>
> 1) Use a disposable domain. If explodingspam.com is your domain, and
> you intend to keep it long term for other purposes than the public
> DNSBL, don't use it for the DNSBL. Figure out another domain name to
> use dedicated to the DNSBL. This makes it much easier to shut it down
> and make all the traffic stop/go away when you eventually do shut it
> down.
>
> 2) If your system is as good as you say, you're going to need multiple
> rbldnsd servers and some bandwidth. Don't expect to be able to do this
> on a single colo machine or (worse) your home system on cable or DSL.
>
> 3) rbldnsd is intended to be a DNSBL name server only. If you're doing
> authoritative DNS or caching DNS, you'll want/need to continue to run
> something else for that (bind, djb's tools, etc.) and you're going to
> need multiple IP addresses.
>
> ----------------------------------------------------------------------
> Jon Lewis | I route
> Senior Network Engineer | therefore you are
> Atlantic Net |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
> _______________________________________________
> rbldnsd mailing list
> rbldnsd at corpit.ru
> http://www.corpit.ru/mailman/listinfo/rbldnsd
These are good suggestions. I would add one more. Allow rsync'ing of the
zone files and limit the connections per hour per ip to prevent abuse.

You may in the long term suggest that users of your system only use
rsynced zone files past a certain per hour or day query limit.

Lyle Giese
LCR Computer Services, Inc.
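One way to do the per-IP, per-hour query accounting Lyle suggests (so heavy users can be pointed at the rsync'd zone instead), as an added example that is not code from rbldnsd or from anyone on this thread; the query-log line format and the zone name dnsbl.example.net are assumptions, not rbldnsd's own.

```python
"""Find DNSBL clients whose hourly query volume exceeds a threshold.

Added example; not code from rbldnsd or from anyone on the thread.
The log format ("<ISO timestamp> <client-ip> <qname>") is a constructed
assumption, not rbldnsd's own log format; dnsbl.example.net is a placeholder.
"""
from collections import defaultdict
from datetime import datetime

ZONE = "dnsbl.example.net"   # placeholder zone name (assumed)
HOURLY_LIMIT = 3             # deliberately tiny so the sample trips it

# Constructed sample query log, one query per line.
SAMPLE_LOG = """\
2009-05-14T01:00:05 192.0.2.10 4.3.2.1.dnsbl.example.net
2009-05-14T01:10:05 192.0.2.10 5.3.2.1.dnsbl.example.net
2009-05-14T01:20:05 192.0.2.10 6.3.2.1.dnsbl.example.net
2009-05-14T01:30:05 192.0.2.10 7.3.2.1.dnsbl.example.net
2009-05-14T01:05:00 198.51.100.7 8.3.2.1.dnsbl.example.net
2009-05-14T02:05:00 192.0.2.10 9.3.2.1.dnsbl.example.net
2009-05-14T02:06:00 192.0.2.10 unrelated.example.org
"""

def parse_line(line):
    """Return (hour bucket, client, qname), or None for malformed or off-zone lines."""
    parts = line.split()
    if len(parts) != 3:
        return None
    ts, client, qname = parts
    if not qname.lower().rstrip(".").endswith("." + ZONE):
        return None              # query for some other zone: not counted
    hour = datetime.fromisoformat(ts).replace(minute=0, second=0, microsecond=0)
    return hour, client, qname

def hourly_counts(log_text):
    """Map (client, clock hour) -> number of DNSBL queries in that hour."""
    counts = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            hour, client, _ = rec
            counts[(client, hour)] += 1
    return counts

def over_limit(log_text, limit=HOURLY_LIMIT):
    """Clients that exceeded `limit` queries in any clock hour, with their peak count."""
    peak = {}
    for (client, hour), n in hourly_counts(log_text).items():
        if n > limit and n > peak.get(client, 0):
            peak[client] = n
    return peak

if __name__ == "__main__":
    for client, n in over_limit(SAMPLE_LOG).items():
        print(f"{client}: {n} queries in one hour, suggest rsync of the zone")
```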


