on the dns front, i've found that some spam senders are
arranging things so that the guys doing reverse-lookup
validation will get 192.168 or 10. addresses. for some reason
arin doesn't return an address for a query on 10.in-addr.arpa
or 168.192.in-addr.arpa, so dns will loop from the top and never
time out.
this doesn't fix the problem, but it will stop these kinds of queries in
their tracks. add to /lib/ndb/$myrecursiveserver:
#
# spam defense. unfortunately, arin doesn't give negative
# rcodes for these non-routable addresses. we'll do it for
# them
#
dom=168.192.in-addr.arpa soa=
	refresh=3600 ttl=3600
	ns=ns1.MY.DOM
	ns=ns2.MY.DOM
dom=10.in-addr.arpa soa=
	refresh=3600 ttl=3600
	ns=ns1.MY.DOM
	ns=ns2.MY.DOM
- erik
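The idea in the post (answer reverse zones for non-routable space locally so the resolver never recurses for them) generalised to all three RFC 1918 ranges, as an added example that is not part of the original message or of Plan 9. It computes the in-addr.arpa zones that cover each range (172.16/12 needs sixteen /16 zones, which the original entries did not cover), decides whether a PTR query falls under one of them, and renders ndb entries in the same shape as the post. The ns1.MY.DOM / ns2.MY.DOM names are placeholders carried over from the post, and the local negative answer is simulated rather than wired into a real resolver.

```python
"""Reverse-zone defence for non-routable address space.

Added example, not code from the original post or from Plan 9.
Assumptions: the three RFC 1918 ranges are the only ones of interest,
and the ns names are placeholders (MY.DOM) exactly as in the post.
"""
import ipaddress

# RFC 1918 ranges; 172.16/12 is the one the original ndb entries did not cover.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def reverse_zones(net):
    """in-addr.arpa zone names covering net, split on octet boundaries.

    10.0.0.0/8    -> ['10.in-addr.arpa']
    172.16.0.0/12 -> ['16.172.in-addr.arpa', ..., '31.172.in-addr.arpa']
    """
    plen = -(-net.prefixlen // 8) * 8          # round prefix up to an octet boundary
    zones = []
    for sub in net.subnets(new_prefix=plen):   # one zone per octet-aligned subnet
        octets = str(sub.network_address).split(".")[: plen // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones


PRIVATE_ZONES = [z for net in PRIVATE_NETS for z in reverse_zones(net)]


def reverse_name(ip):
    """PTR owner name for an IPv4 address, e.g. 3.2.1.10.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def is_private_reverse(qname):
    """True when qname is a PTR name (or a zone apex) under a private reverse zone."""
    q = qname.rstrip(".").lower()
    return any(q == z or q.endswith("." + z) for z in PRIVATE_ZONES)


def resolve_ptr(ip, upstream):
    """Answer a reverse lookup without recursing for private space.

    Private ranges get a local negative answer (the rcode the post says
    arin does not return); anything else is handed to `upstream`, a callable
    standing in for the real recursive query.
    """
    name = reverse_name(ip)
    if is_private_reverse(name):
        return ("NXDOMAIN", name)
    return ("ANSWER", upstream(name))


def ndb_entries(ns=("ns1.MY.DOM", "ns2.MY.DOM"), refresh=3600, ttl=3600):
    """Render /lib/ndb entries in the shape of the post, one per private zone.

    Continuation lines are tab-indented so ndb attaches them to the dom= line.
    """
    out = []
    for z in PRIVATE_ZONES:
        lines = [f"dom={z} soa=", f"\trefresh={refresh} ttl={ttl}"]
        lines += [f"\tns={n}" for n in ns]
        out.append("\n".join(lines))
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    # Constructed sample: a spammer's PTR target in 192.168/16 vs. a public address.
    print(resolve_ptr("192.168.0.1", lambda n: "mail.example.net."))
    print(resolve_ptr("198.51.100.7", lambda n: "mail.example.net."))
    print(ndb_entries(), end="")
```

Running the script prints the local NXDOMAIN for the 192.168 address, the upstream answer for the public one, and eighteen ndb entries ready to paste into /lib/ndb/$myrecursiveserver.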