NXDOMAIN is not a "failure" response. Are you *sure* you're getting NXDOMAIN?
If you're using nslookup to test, be aware that it will do suffix searching by
default, so if the original query, e.g. www.bbc.co.uk fails, it'll quietly
(unless debug-mode is in effect) start appending suffixes. Look
Hi all,
I'm experimenting with RPZ on a reasonably high volume resolver. I've got
the following response-policy block defined:
response-policy {
zone "local-whitelist.rpz" policy PASSTHRU;
zone "local-blacklist.rpz" policy CNAME rpz-target.bris.ac.uk.;
};
This is working fine. Domains
2 matches
Mail list logo
