Hello David F. Skoll, Am 2011-07-04 09:24:19, hacktest Du folgendes herunter: > My experiments on real mail servers show that DNS caching is quite > ineffective for DNSBLs (at least for typical ones like Spamhaus that > use a short TTL on the order of 15-30 minutes.)
Is the TTL set global or are the TTLs set by IP?
> Executive summary: On a very quiet mail server, assuming a 15-minute
> TTL, there was only a 50% cache hit rate on DNSBL lookups. On a
> fairly busy mail server, the cache hit rate fell to 22%.
I have a local bind9 which implement my private list and it set the TTL
per target which is quiet effectiv
> The problem, of course, is that most mail servers are hit by
> connections from all over the place... spammers have a lot of IP
> addresses to choose from, so you don't get much repetition within the
> TTL of a typical DNSBL. If you really need high-performance DNSBL
> lookups, you need to arrange for a zone transfer and run a local
> authoritative name server for the DNSBL.
1+
This can be costly, since the zone transfers are only for bigger usage
and not more free...
> Regards,
> David.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsystems@tdnet France itsystems@tdnet
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice) Gewerbe Straße 3
50, rue de Soultz 77694 Kehl/Germany
67100 Strasbourg/France Tel: +49-177-9351947 mobil
Tel: +33-6-61925193 mobil Tel: +49-176-86004575 office
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber linux4miche...@jabber.ccc.de
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/
signature.pgp
Description: Digital signature
