Hi Tony,
Many thanks for the hint.
My mistake: no dot at the end in the domain name for the passthru statement.
Kind regards
Hans
--
-Original Message-
From: Tony Finch [mailto:d...@dotat.at]
Sent: Monday, October 9, 2017 12:09 PM
To: MAYER Hans
Cc: bind-us...@isc.org
Subject: Re: response-policy zones from spamhaus.org
MAYER Hans wrote:
>
> I also tried to define these records in my own RPZ and hoping it has
> higher priorities.
It should work if you put your passthru RPZ before any blocking RPZs.
A tangential aside...
The ordering in a response-policy section can affect performance, as well as
which policies take priority. I set `qname-wait-recurse no`, and I list RPZs
that do not require recursion (because they only contain `qname` and
`rpz-client-ip` triggers) before RPZs with unrestricted triggers.
Tony.
--
f.anthony.n.finchhttp://dotat.at/ - I xn--zr8h punycode
Fitzroy: Easterly or northeasterly 4 or 5 in southeast, otherwise variable 3 or
4. Slight or moderate. Fair. Good.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
