Jules Yasuna wrote:
Ok - that explains it - thank you very much. Really, many thanks !
But, is there a way to still not run BIND locally, and continue to
benefit from the RBL filters?
Take a look at djbdns. We run dnscache on all servers that require the
ability to do a DNS lookup and have for several years. It also uses a
minuscule amount of resources, if you cannot run dnscache you have
bigger problems to deal with.
http://cr.yp.to/djbdns.html
dnscache setup,
http://cr.yp.to/djbdns/run-cache.html
It makes a noticeable difference in RBL performance on your end, and
provides a great reduction in traffic for the RBL provider.
DAve
Perhaps there is a timeout associated with the RBL filters that can
be increased? I understand that if such a timout option existed and
was increased, performance would suffer. I'm just fishing here ...
Turning off BIND was needed for other reasons. It's not mandatory
that we not run BIND, just one less service that we would have to
maintain. (we meaning ME!)
Many thanks for your help, Kevin
Kevin Parris wrote:
You're wasting time and network resources by sending all the RBL
query traffic upstream to your ISP. The ISP servers may, or may
not, be caching the results. Your spam detection rate may be
suffering from delayed (or absent) responses to the queries, thus
missing score values that would mark more of your traffic as spam.
Keep the local caching DNS running - you've already figured out by
observation that it is a valuable tool.
Jules Yasuna <[EMAIL PROTECTED]> 09/18/08 1:23 PM >>>
Just to check, we turned our nameserver back on (and adjusted
/etc/resolv.conf accordingly), and once again SAworks great !
So, please tell me what I am doing wrong here
Thanks in advance ... jules
--
Don't tell me I'm driving the cart!
