On Tue, 4 Jan 2011 06:18:55 -0800 (PST)
John Hardin <jhar...@impsec.org> wrote:

> DNS needs to deal with an exponentially-increased address space
> regardless of how RBLs behave. Perhaps DNS caching needs to be
> partitioned so that a huge number of queries on *.spamhaus.org don't
> blow everything else out of the cache.

Right, but once your cache is blown, you're back to always querying
the authoritative server.  John Levine proposes a fix with a clever way
to represent many entries with a small number of queries so you don't blow
your cache.  I think making zone files available for download so you
can run your own authoritative servers is another good approach, especially
for whitelists.

Regards,

David.
