http://www.openspf.org/ is pretty good.
Not only does it build the file for you, but it can test your live record.
From: Security Admin (NetSec)
To: "bind-users@lists.isc.org"
Sent: Wed, March 24, 2010 4:26:46 PM
Subject: RE: what is a SPF (type 99) record an
> All keys were available to BIND, and the zone was successfully
> resigned just by running dnssec-signzone over the zone with no
> arguments (except for the zone file name).
Hmm, sorry to have posted prematurely - it looks like all keys were
*not* available to BIND due to file ownership issues, b
Correction. I found many sites which discuss what it is, but none that
explicitly tell me how to implement in my hosts file.
If the below implementation is correct, let me know.
Thanks again in advance!!
Edward Ray
From: Baird, Josh [mailto:jba...@follett.com]
Sent: Wednesday, March 24, 2010
I have a zone which is DNSSEC signed and is configured as a dynamic
zone (although in practice dynamic updates are not normally used on
this zone). AIUI BIND 9.7.0 should automatically resign the zone as
required as long as the keys are available to it.
However, what I actuallly found is that alt
http://www.openspf.org/Introduction
Best,
Ustun
On Wed, Mar 24, 2010 at 11:53 AM, Security Admin (NetSec)
wrote:
> Struggled to find anything explicit on this subject via google to no avail.
> Best Explanation I could find was
> http://www.enyo.de/fw/software/exim/spf-update.html#6
>
>
>
> Curre
You struggled to find anything about SPF?
http://www.zytrax.com/books/dns/ch9/spf.html
Josh
From: bind-users-bounces+jbaird=follett@lists.isc.org
[mailto:bind-users-bounces+jbaird=follett@lists.isc.org] On Behalf
Of Security Admin (NetSec)
Sent: Wednesday, March 24, 2010 1:54 PM
Struggled to find anything explicit on this subject via google to no avail.
Best Explanation I could find was
http://www.enyo.de/fw/software/exim/spf-update.html#6
Currently hosts file looks like:
Mydomain.com 172800 IN TXT "v=spf1 mx -all"
Mydomain.com 172800 IN SPF "v=spf1 m
On Mar 24 2010, Oliver Henriot wrote:
Dear list users,
I'd like to understand a point about quotas on recursive clients quotas
and reading books, manuals and this list's archives hasn't made it
entirely clear to me.
I have the classical error logs :
17-Mar-2010 12:14:44.026 client: warning
I have 6 resolvers doing recursion for just under a million residential users,
and I rarely see the "recursive clients" value go above 1500. We had issues a
few months back with firewalls getting overloaded, and one of the symptoms was
that recursive clients would climb in to the thousands (it
See the BIND ARM for the option recursive-clients
As in:
options {
recursive-clients 4000;
};
I don't recall what the default is (maybe 1000), but our environment required
an increase to 4000.
You may also want to look at these options: tcp-clients X; clients-per-query
N; max-c
Dear list users,
I'd like to understand a point about quotas on recursive clients quotas
and reading books, manuals and this list's archives hasn't made it
entirely clear to me.
I have the classical error logs :
17-Mar-2010 12:14:44.026 client: warning: client 129.88.30.5#57960: no
more rec
11 matches
Mail list logo
