On 2024-10-16 at 10:26:53 UTC-0400 (Wed, 16 Oct 2024 15:26:53 +0100)
Dominic Preston via Postfix-users <lzq...@gmail.com>
is rumored to have said:
I thought that's an ideal role for Dnsmasq, I primarily want to use
the
existing resolver whilst spoofing some queries, which is something
that
Pi-hole uses Dnsmasq for.
I'm not familiar with how Pi-hole is architected (I do basically the
same with a BIND RPZ) but the usual deployment of Dnsmasq uses
forwarding to an external resolver rather than doing fully independent
recursion to resolve names on its own. Forwarding DNS queries from a
mail server to a general-purpose remote resolver is unsafe for an MTA
that uses public reputation services such as DNSBLs and URIBLs.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com
addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
