Re: RPZ for reverse lookups ?

Clarification on what DNS is... On Sun, 25 Aug 2019, m3047 wrote: On Sat, 24 Aug 2019, J Doe wrote: [...] Is it possible to re-write a response on a reverse lookup ? For instance, if I considered example.com a “bad domain”, can I write a RPZ policy so that a reverse lookup of IP’s that map

Re: RPZ for reverse lookups ?

Yes. See below. Another respondent expresses concerns about the danger of IP address blocking. The RPZ implementation (in BIND) includes options for setting triggers on the address returned with A and RRs (rpz-ip) and nameserver address (nsip). These kinds of actions are functionally dis