On Thu, 2013-09-19 at 16:04 -0700, Michael McNally wrote: > New versions of BIND are now available from http://www.isc.org/downloads >
New Features 9.9.4 Added Response Rate Limiting (RRL) functionality to reduce the effectiveness of DNS as an amplifier for reflected denial-of-service attacks by rate-limiting substantially-identical responses. [RT #28130] I have been using this since 9.9.4bx, and although documentation is/was lacking at the time, so there might be a whitelisting somewhere , but in its absence, I highly advise against using RRL if your mail servers use those DNS servers
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
