On 16/07/2021 17:58, Al Iverson via mailop wrote:
If you want to guide this dummy on how to run a local resolver like
that, I'd appreciate the tips. :)  I was trying to get out of the DNS
business but if I want to do any local DNSBL querying, I guess I have
to reconsider that.

On a Debian/Ubuntu system just

apt install unbound

It comes configured fairly safely, listening only on localhost.

and edit /etc/resolv.conf to say

nameserver 127.0.0.1

And there isn't much else to it for a single machine.  Indeed it is quite a good way to bring DNSSEC up to the local machine.

Resident memory usage is about 15mb.  The whole thing comes in at 30mb including all the libraries and bits.

For a network, you'd want more threads, cache, a /64 pool of IPv6 addresses to guard against cache poisons ...  but out of the box actually very sensible for a single machine.




Bill Cole said:


From the message you seem to be replying to:

I use my own local resolver (unbound 1.13.1) with no forwarders configured.

I didn't actually see that bit, so sorry.  But my reason for saying so was that I got screwed by one of my staff deciding there was a DNS issue (there wasn't), deploying the automatic fix of 8.8.8.8 and not telling anybody, and mail stopped for 50% of messages.



--
Tim Bray
Huddersfield, GB
t...@kooky.org

_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
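
A check for the failure mode described in the message above, where a public resolver such as 8.8.8.8 ends up in resolv.conf on a mail host. This is an added example, not part of the original post: the function name check_resolv_conf and its exit codes are made up here, and flagging 127.0.0.53 (the systemd-resolved stub listener) separately is an addition the message does not mention.

```shell
#!/bin/sh
# Added example: audit a resolv.conf for resolvers other than the local one.
# Exit status of check_resolv_conf (hypothetical helper):
#   0 = every nameserver is loopback (or none listed; glibc then uses the local machine)
#   1 = at least one non-loopback nameserver, e.g. a public resolver
#   2 = loopback only, but 127.0.0.53 is the systemd-resolved stub, which forwards upstream
#   3 = file not readable
check_resolv_conf() {
    file=${1:-/etc/resolv.conf}
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 3; }
    remote=""
    stub=""
    # Only lines whose first field is exactly "nameserver" count,
    # so commented-out entries (# or ;) are ignored.
    for ns in $(awk '$1 == "nameserver" { print $2 }' "$file"); do
        case $ns in
            127.0.0.53) stub=$ns ;;
            127.*|::1)  ;;                      # local resolver such as unbound
            *)          remote="$remote $ns" ;;
        esac
    done
    if [ -n "$remote" ]; then
        echo "FAIL: non-local resolver(s):$remote"
        return 1
    fi
    if [ -n "$stub" ]; then
        echo "WARN: $stub is the systemd-resolved stub, not unbound"
        return 2
    fi
    echo "OK: only local resolvers in $file"
    return 0
}

# Constructed sample: a local resolver plus the "automatic fix" of 8.8.8.8.
sample=$(mktemp)
printf 'nameserver 127.0.0.1\nnameserver 8.8.8.8\n' > "$sample"
check_resolv_conf "$sample" || true
rm -f "$sample"
```

Run from cron or a monitoring agent against /etc/resolv.conf, a non-zero exit status shows the change the day it is made rather than when mail starts failing.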
