On 02/09/16 15:22, Daniel Stirnimann wrote:
Hi all
We maintain a block list with RPZ on our BIND resolvers. I noticed that
the RPZ policy action does not apply for domain names which SERVFAIL
(i.e. cannot be resolved by the resolver because of a timeout, lame
delegation etc.).
RPZ applies to responses not queries.
You can override this with "qname-wait-recurse" IIRC.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
