On Fri, 28 Sep 2007 at 11:01 -0400, [EMAIL PROTECTED] confabulated:

> Duane Hill wrote:
>> On Fri, 28 Sep 2007 at 10:37 -0400, [EMAIL PROTECTED] confabulated:
>>> On Sep 28, 2007, at 10:14 AM, Duane Hill wrote:
>>>> We now subscribe to the Spamhaus datafeed service. Being the zones are
>>>> now running locally under the name zen.dnsbl, I have to rewrite some of
>>>> the rules in SA. Do I just have to rewrite the relevant parts? I.e.:
>>>
>>> Why would you need to do this? You just point your SA machine's resolver
>>> to your local DNS server which knows it has an authoritative copy of the
>>> zone and serves it up directly. You're not being creative enough with
>>> your DNS configuration...
>>
>> Datafeed zones are used in rbldnsd, not bind. I have a copy of rbldnsd
>> running locally listening on port 54. Bind queries forward to rbldnsd for
>> the Spamhaus queries. To ensure the queries never leave the local server
>> for whatever reason, a local forward-only zone 'dnsbl' was created.
>> Therefore, the queries are zen.dnsbl.
>
> Just create a forward-only zone for zen.spamhaus.org and only allow SA to use
> the instance of Bind that is serving this forward-only zone.
> Trying to keep up with editing rules in SA is far more likely to result in
> queries being sent to Spamhaus' public DNS servers.

I have made the changes and it is working. I just didn't want the queries
going off server in the event either rbldnsd or bind had issues. I have
more than one entry in /etc/resolv.conf for this reason.
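
The forward-only zones discussed in the thread, as an added example that is not any poster's actual configuration: a BIND 9 named.conf fragment. Port 54 and the zone names come from the thread; the loopback address and the listen-on/allow-query restriction are assumptions.

```conf
// Added example, not a configuration posted in the thread.
options {
    // Assumption: this BIND instance answers only the local host,
    // so SpamAssassin is the only client that can use it.
    listen-on { 127.0.0.1; };
    allow-query { 127.0.0.1; };
    recursion yes;
};

// Stock SpamAssassin rules query zen.spamhaus.org; hand those
// lookups to the local rbldnsd instead of recursing to the Internet.
zone "zen.spamhaus.org" {
    type forward;
    forward only;                        // no fallback to normal recursion
    forwarders { 127.0.0.1 port 54; };   // rbldnsd (address is an assumption)
};

// The private name described in the thread, used by rewritten
// rules that query zen.dnsbl.
zone "dnsbl" {
    type forward;
    forward only;
    forwarders { 127.0.0.1 port 54; };
};
```

rbldnsd answers only for the zone names it was started with, so the datafeed has to be served under whichever of these names is forwarded to it. With `forward only`, a failed rbldnsd produces SERVFAIL from this BIND instance rather than a lookup against the public Spamhaus servers.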