On 11/10/2021 2:31 PM, Chris via mailop wrote:
like any other DNS server, you *can* implement a single key by putting your DNSBL zone under a name like "<key>.example.com"
The only issue here is that, for every user/customer that needs a unique key, an entirely different set of data has to be loaded into memory on the server. That's a huge limitation. It doesn't "scale". Therefore, for invaluement, in our new-ish direct query system (that started in 2018), that uses such unique keys for each DNS query customer, I had to basically custom program rbldnsd to overcome this. It took dozens of hours of very frustratingly-difficult programing, but that's partly because I'm not very good at C++! (by doing this myself, that was especially helpful for keeping this very hard-earned expertise in-house and very guarded!)
I'm not sure how the Rspamd version handles that memory issue? But for what I do, there's just one dataset in memory for each zone that serves queries that have _different_ license keys in the license key DNS-label part (but where the zone name is /otherwise/ the same). So this is very efficient!
-- Rob McEwen, invaluement
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
