On 2024-10-16 at 10:26:53 UTC-0400 (Wed, 16 Oct 2024 15:26:53 +0100)
Dominic Preston via Postfix-users <[email protected]>
is rumored to have said:
I thought that's an ideal role for Dnsmasq, I primarily want to use
the
existing resolver whilst spoofing some queries, which is something
that
Pi-hole uses Dnsmasq for.
I'm not familiar with how Pi-hole is architected (I do basically the
same with a BIND RPZ) but the usual deployment of Dnsmasq uses
forwarding to an external resolver rather than doing fully independent
recursion to resolve names on its own. Forwarding DNS queries from a
mail server to a general-purpose remote resolver is unsafe for an MTA
that uses public reputation services such as DNSBLs and URIBLs.
--
Bill Cole
[email protected] or [email protected]
(AKA @[email protected] and many *@billmail.scconsult.com
addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
