I really don't wish to contradict the highly respected Sam and Gordon, but their zone transfer idea is not really the preferred way to do DNS zone transfers from a blacklist server. It wastes too much bandwidth online for dozens or hundreds of mail servers to do this kind of transfer. Most of the RBLDNS's that allow you to transfer anything more than one lookup at a time will prefer that you grab their zipped data files and put them on your own RBLDNS running locally. These kinds of files will not work with a server like BIND, because special-purpose software allows a much more compact file format. The special-purpose software is usually "rbldnsd" (see below) or Dan J. Bernstein's "rbldns". RSYNC is the most common file exchange offered, but some use FTP. You can easily set up cron files to check for updates at intervals.
Your own locally cached copies of the RBLDNS's can be running on the same machine with your courier server, but when I did this here I used a second box for the RBLDNS lookups using "rbldnsd" (http://www.corpit.ru/mjt/rbldnsd.html) software highly successfully. Your courier server, of course, should also be running a local caching DNS server for courier (and perhaps Spamassassin) to do its own lookups on. Even then, usually your local RBLDNS will be a separate piece of specialized software set up on a port number high in the thousands to keep it out of the way of normal DNS lookups and common ports, and not the normal caching and forwarding standard DNS software.

The local caching DNS server will be set up so that it passes requests from courier (and Spamassassin) for each outside RBLDNS domain name that you host locally first to your local rbldnsd software, then if that times out, it queries the outside RBLDNS directly. Frankly, I suggest setting up courier to do RBLDNS lookups for only two very fine and completely free services (free for many smaller e-mail services) -- sbl-xbl.spamhaus.org and bl.spamcop.net. Spamassassin can then do RBLDNS lookups for any of the services that you host locally. Here, Spamassassin is only passed the e-mail and spam that escapes from sbl-xbl.spamhaus.org and bl.spamcop.net, which will be a very small number indeed.

My own courier server is used privately by a handful of extremely well publicized e-mail addresses due to some lengthy and very public online presences. Those two RBLDNS's reject about 99% of connection attempts to my server, and Spamassassin rejects perhaps 80-85% of whatever gets by them, leaving us with about two "Inbox" folder deliveries and 8 "Spam" folder deliveries for every thousand connection attempts. This, despite the fact that most of us get large volumes of messages from various lists like courier-users.
----------------------------------------------------------------------------------------------------
Lisa Muir writes:

> I've been adding dns blacklists through the courier webadmin with
> great results. Wanted to add lashback to the list, and found this in
> their info:
>
> if you wish to check whether 192.168.1.100 is listed in the UBL, you
> would perform a DNS lookup on 100.1.168.192.ubl.unsubscore.com
>
> Is this how the web configured DNS blacklists work or do they simply

They all work this way.

> make a reverse DNS lookup on the IP address? I was hoping to migrate
> the blacklist lookups to a localhost BIND and effectively use it as a
> proxy for courier to make one single rdns lookup on, but if they all
> operate like lashback, then that's not going to work with multiple
> dnsbl's

Why not? It'll work just fine. Of course, it will get slow. Once you get
beyond 3-4 DNSBLs, the server will spend a noticeable amount of time waiting
for remote DNS queries to come back.

The usual solution is to make arrangements with your DNSBL's operators to let
your nameservers do zone transfers, rather than ad-hoc queries. This will
effectively keep your DNS lookups local, and each check essentially
translates to a rather fast database dip. You can't expect it to get faster
than that.

----- Original Message -----
From: "Lisa Muir" <[EMAIL PROTECTED]>
To: "courier-users" <[email protected]>
Sent: Wednesday, January 16, 2008 1:39 PM
Subject: [courier-users] DNS lookup blacklist

_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
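The two mechanisms this thread turns on, the reversed-octet query name that Lisa quotes from the UBL documentation and the local rbldnsd-style mirror with fallback to the public list described in the first post, as an added Python example. This is not code from the thread, from Courier or from rbldnsd: the zone name bl.example.test, the simplified ip4set-style grammar the parser accepts and the sample entries are all constructed for this example, and the IPv6 nibble reversal goes beyond the thread, which only discusses IPv4.

```python
# Added example, not code from the courier-users thread, Courier or rbldnsd.
# Shows (1) how a DNSBL query name is derived from an IP address, (2) how a
# local rbldnsd-style zone answers that query from a data file, and (3) the
# "local mirror first, public list only on timeout" lookup order.
import ipaddress
from typing import Callable, List, Optional, Tuple

Answer = Optional[str]               # A record text (127.0.0.x) or None when not listed
Resolver = Callable[[str], Answer]   # qname -> Answer; may raise TimeoutError


def dnsbl_query_name(ip: str, zone: str) -> str:
    """Reverse the address and append the list's zone.

    192.168.1.100 in ubl.unsubscore.com -> 100.1.168.192.ubl.unsubscore.com
    IPv6 lists reverse the 32 nibbles instead (ip6.arpa style).
    """
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]
    return ".".join(labels) + "." + zone.strip(".")


def ip_from_query_name(qname: str, zone: str) -> Optional[ipaddress.IPv4Address]:
    """Inverse mapping a local zone server must perform.
    Returns None when qname is not an IPv4 query under this zone."""
    suffix = "." + zone.strip(".")
    qname = qname.rstrip(".")
    if not qname.endswith(suffix):
        return None
    labels = qname[: -len(suffix)].split(".")
    if len(labels) != 4:
        return None
    try:
        return ipaddress.IPv4Address(".".join(labels[::-1]))
    except ipaddress.AddressValueError:
        return None


class LocalZone:
    """In-memory stand-in for rbldnsd serving an ip4set-style file.

    Grammar handled here (this example's simplification, not rbldnsd's full one):
      '# ...'                    comment
      ':A:text'                  default value for the entries that follow
      'a.b.c.d' | 'a.b.c.d/nn'   listed host or CIDR block, optionally
                                 followed by its own ':A:text' value
    """

    def __init__(self, zone: str, data: str) -> None:
        self.zone = zone.strip(".")
        self.entries: List[Tuple[ipaddress.IPv4Network, str]] = []
        default = "127.0.0.2"  # conventional DNSBL "listed" answer
        for raw in data.splitlines():
            line = raw.split("#", 1)[0].strip()
            if not line:
                continue
            if line.startswith(":"):
                default = line.split(":")[1]
                continue
            parts = line.split(None, 1)
            value = parts[1].split(":")[1] if len(parts) == 2 else default
            self.entries.append((ipaddress.IPv4Network(parts[0], strict=False), value))

    def lookup(self, ip: str) -> Answer:
        """A value for a listed IP (most specific entry wins), else None."""
        addr = ipaddress.IPv4Address(ip)
        hits = [(net.prefixlen, val) for net, val in self.entries if addr in net]
        return max(hits)[1] if hits else None

    def resolve(self, qname: str) -> Answer:
        """Answer a DNS-shaped query; usable as a Resolver for check_ip."""
        addr = ip_from_query_name(qname, self.zone)
        return self.lookup(str(addr)) if addr is not None else None


def is_listed(answer: Answer) -> bool:
    """Only answers inside 127.0.0.0/8 count as a listing. A list that has been
    shut down and wildcarded can answer every name with a public address;
    treating that as 'listed' would reject all mail."""
    if answer is None:
        return False
    try:
        return ipaddress.IPv4Address(answer) in ipaddress.IPv4Network("127.0.0.0/8")
    except ipaddress.AddressValueError:
        return False


def check_ip(ip: str, zone: str, local: Resolver, remote: Resolver) -> Tuple[bool, str]:
    """'Forward first' order from the thread: ask the local mirror, and only
    fall back to the public list when the local one times out."""
    qname = dnsbl_query_name(ip, zone)
    try:
        return is_listed(local(qname)), "local"
    except TimeoutError:
        return is_listed(remote(qname)), "remote"


# Constructed sample zone using documentation ranges; not real DNSBL data.
SAMPLE_ZONE = LocalZone("bl.example.test", """
# constructed ip4set-style data
:127.0.0.2:Listed in constructed example zone
192.0.2.0/24
198.51.100.7
203.0.113.0/25 :127.0.0.3:Different code for this range
""")

if __name__ == "__main__":
    print(dnsbl_query_name("192.168.1.100", "ubl.unsubscore.com"))
    for probe in ("192.0.2.77", "203.0.113.5", "203.0.113.200"):
        print(probe, check_ip(probe, SAMPLE_ZONE.zone, SAMPLE_ZONE.resolve, lambda q: None))
```

The `remote` resolver is left as a callable so the block runs offline; in a real deployment it would be a DNS query against the public list, and the 127.0.0.0/8 check in `is_listed` is the guard a practitioner wants in front of any reject decision.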
