[rbldnsd] how to make public (DNS)RBL?

Chris. cth at fastmail.ca
Thu May 14 02:03:42 MSD 2009 

Hello Steven, and thank you for your reply...

On Wed, 13 May 2009 17:23:44 -0400, Steven Champeon wrote...

> on Wed, May 13, 2009 at 05:08:09PM -0400, Jon Lewis wrote:
>> I'll offer a few pieces of advice.
>> 
>> 1) Use a disposable domain.  If explodingspam.com is your domain, and
>> you intend to keep it long term for other purposes than the public
>> DNSBL, don't use it for the DNSBL.  Figure out another domain name to
>> use dedicated to the DNSBL.  This makes it much easier to shut it
>> down and make all the traffic stop/go away when you eventually do
>> shut it down.
>> 
>> 2) If your system is as good as you say, you're going to need
>> multiple rbldnsd servers and some bandwidth.  Don't expect to be able
>> to do this on a single colo machine or (worse) your home system on
>> cable or DSL.
>> 
>> 3) rbldnsd is intended to be a DNSBL name server only.  If you're
>> doing authoratative DNS or caching DNS, you'll want/need to continue
>> to run something else for that (bind, djb's tools, etc.) and you're
>> going to need multiple IP addresses.
> 
> 4) think REALLY HARD about this for a while and decide if you REALLY
> want to devote your life (or some portion of it) to having other
> people's mail servers rely on YOU for free 24/7/365. Even after you've
> decided to stop providing the service, announced its demise to the
> four winds, etc.

Understood. I've been doing this locally for many years now.
But only started using rbldnsd a year ago. The same time I cobbled up an
automated system I've been testing. That I now feel ready to use. Point being;
I've had quite some time to consider it, and I've decided to do it. :)

> 
> 5) consider charging for the service from the start, so you may be
> able to afford the unforeseen costs that will be associated with the
> service in the event of its success. Recent years have seen a marked
> shift away from freely and publicly available DNS-based blocklists
> to for-profit (or at least sustainable) models.

Yes, I've noticed that a few of the "long timers" have stopped serving.

> 
> 6) naturally, because successful blacklists are the target of those
> who they are intended to drive out of business, you WILL get DDoS'd
> at some point. I sure hope that being DDoS'd doesn't have a material
> impact on your, or others', businesses. Also, make sure that you know
> how to monitor for, and ameliorate, such events.

Been there, done that, and /yes/ I'm equipped. :)

> 
> 7) if you have to ask this list for basic instructions on how to
> provide an IP-based DNSBL using rbldnsd, you're NOT READY.

err, um. It's not that I'm unable to figure it out. But rather to
solicit /suggestions/ based on /others/ experiences. :)
I fancy myself as being quite capable. But I'm not stupid enough
to believe I know /all/ the answers. Or that someone else couldn't
have a better idea.

> 
> I offer this in the friendly spirit of someone who's seen many others
> go ranting mad after a few months of offering DNSBLs.

Taken in the spirit that it was intended. :)

Thanks for the response.

--Chris

> 
> hth,
> Steve
> 
> --
> hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w:
> http://hesketh.com/ antispam news, solutions for sendmail, exim,
> postfix: http://enemieslist.com/
> _______________________________________________ rbldnsd mailing list
> rbldnsd at corpit.ru
> http://www.corpit.ru/mailman/listinfo/rbldnsd
_________________________________________________________________
    http://fastmail.ca/ - Fast Secure Web Email for Canadians

More information about the rbldnsd mailing list