Re: [Declude.JunkMail] OT: DNS attacks

[Matt]

Nick, It's not a technical issue regarding recursion, it's an issue of needing recursion for customers, and wanting to block recursion when coming from the outside world where the attacks are coming from.  Kevin indicated that BIND can handle doing that on the same server, but AFAIK MS DNS does not (nor have I heard that SimpleDNS does this either but could be wrong). Matt Nick Hayer wrote: Morning Dave,   That would deny his internal users the ability to resolve external domains. Well you *may* have me on this one :)  I do not know what dns server is being used.  I use SimpleDNS so I can allow recursion by ip address/subnet.  Bind as well does this: [ recurseallow ] -Nick