Re: RPZ with Spamhaus

2019-06-24 Thread Simon Forster
> On 24 Jun 2019, at 13:16, G.W. Haywood via bind-users > wrote: > > On Mon, 24 Jun 2019, Tony Finch wrote: >> Mik J via bind-users > > wrote: >> > >> > I registered in spamhaus but don't know how to be able to axfr the >> > content of the zone >> ... The DROP l

Re: Barclays bank domain unresolvable only on some servers

2019-06-16 Thread Simon Forster
A very quick check from an iPad showed the host resolving fine from a couple of different recursives. The local one: Shared from ISC Dig for iOS ; <<>> DiG 9.13.3 <<>> @192.168.0.10 +dnssec +noqr +multiline federate-secure.glbaa.barclays.com ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status:

Re: frequent queries to root servers

2016-02-01 Thread Simon Forster
> On 30 Jan 2016, at 21:57, John Levine wrote: > >> If chained CNAMEs work for you, more power to you. But don't be >> surprised if they fail unexpectedly at some point. > > If they don't, you'll have a lot of unhappy users since there's a > whole lot of the Internet they won't be able to see

Re: Is SpamHaus Feed for RPZ is free or subscription based?

2013-11-06 Thread Simon Forster
On 6 Nov 2013, at 14:08, Steven Carr wrote: > On 6 November 2013 11:19, Dave Warren wrote: >> Perhaps you can point out where on that page RPZ is mentioned? > > The Spamhaus news article announcing the "beta" RPZ service > (http://www.spamhaus.org/news/article/669/) indicates that the > Spamha

Re: RRL probably not useful for DNS IP blacklists,

2013-09-23 Thread Simon Forster
On 23 Sep 2013, at 20:21, Vernon Schryver wrote: >> From: Tony Finch > >>> As a matter of interest, if one had a DNSBL with 5.5 million entries >>> (i.e. 5.5 million IPs): >>> >>> 1) What needs to be done to rewrite that to a BIND zone? >>> 2) What sort of machine would be required to load th

Re: RRL probably not useful for DNS IP blacklists, was Re: New Versions of BIND are available (9.9.4, 9.8.6, and 9.6-ESV-R10)

2013-09-23 Thread Simon Forster
On 23 Sep 2013, at 19:24, Tony Finch wrote: > Simon Forster wrote: >> >> As a matter of interest, if one had a DNSBL with 5.5 million entries >> (i.e. 5.5 million IPs): >> >> 1) What needs to be done to rewrite that to a BIND zone? >> 2) What sort of

Re: RRL probably not useful for DNS IP blacklists, was Re: New Versions of BIND are available (9.9.4, 9.8.6, and 9.6-ESV-R10)

2013-09-23 Thread Simon Forster
On 23 Sep 2013, at 15:59, Vernon Schryver wrote: >> From: Eliezer Croitoru > >>> Major DNSBL providers have years since limited anonymous clients for >>> business or other reasons. For example, I think Spamhaus limits >>> anonymous clients to fewer than 3 queries/second. > >> and I doubt the

Re: 100% CPU / wedge with 9.8.3-P4 & RPZ?

2013-03-16 Thread Simon Forster
e in beta while minor tweaks are made to the production process. Customers now should see updates to the DBL zone file every 3 minutes and updates to the DROP zone every 15 minutes. Additionally, the latency between zone updates and zone propagation has been reduced by two minutes. ATB Simon Forster