Well I was working on the same but you really need to have good RPZ feeds. I subscribed to third party feeds and have worked on my RPZ but later you need to have good reporting engine. Hence better to have a dedicated RPZ server instead and that's what I could suggest.
This is not marketing talk but I know vendor that I am working with who is offering a good product instead. Best Regards, Lionel F On Sat, Aug 4, 2018 at 7:23 PM Felipe Arturo Polanco < felipeapola...@gmail.com> wrote: > Hi, > > I have a question regarding BIND and its RPZ functionality. > > We are using a DNS provider that blocks malware by returning an NXDOMAIN > response back whenever a match is found. > > The way they differentiate between real non-existent websites vs malware > sites is by turning off the 'recursion available' bit in the NXDOMAIN > response, non-existent sites do have this bit turned on. > > Is there a way to match this flag in an RPZ policy to redirect malware > sites response to a wall garden website while not matching real > non-existent websites? > > Thanks, > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
