No reason to believe that putting IP addresses in a DNS server would
be substantively faster than an optimized local connection-time IP
database. The local db itself should be cached in memory, and thus
should never be slower when you add in the network overhead of DNS
(even on the sa
Michael Cummins wrote:
The product is basically the conduit from the URI in the email to the
list. In fact if you wanted to you could host your own URI list
internally and add domains as you see fit. We have many customers that
do this.
I understand now.
What does a record for URI look
anford
Whiteman
Sent: Saturday, July 11, 2009 3:09 AM
To: Michael Cummins
Subject: Re[2]: [Declude.JunkMail] Cutting down on DNS
> Probably a crazy question, but if I wrote a script to harvest the current
> blocks (for e-mail harvesting) out of SmarterMail (if such a thing could
be
> do
On Jul 10, 2009, at 12:50 PM, Scott Fisher wrote:
SORBS is shutting down. Might want to remove that http://www.au.sorbs.net/
Actually their website announced that they found other hosting
arrangements and will not be shutting down at this time.
---
This E-mail came from the Declude.Junk
> Probably a crazy question, but if I wrote a script to harvest the current
> blocks (for e-mail harvesting) out of SmarterMail (if such a thing could be
> done) would that make a good or a bad local URI?
Are you talking about turning a list of IPs into a list of
dotted-decimal URIs li
> The product is basically the conduit from the URI in the email to the
> list. In fact if you wanted to you could host your own URI list
> internally and add domains as you see fit. We have many customers that
> do this.
I understand now.
What does a record for URI look like in DNS? How
Michael Cummins wrote:
invURIBL is extremely effective for me even more so now that
(personally) I am using the invaluement lists which haven been
absolutely terrific.
Wow. That blindsided me. I was completely ignorant of how the product
worked. I thought that Invariant Systems maintained
> There are some advantages to Simple DNS when it comes to
> integration and replication of an entire server, but I've made up those
> deficiencies with scripting around the DNSCMD utility in the Windows
Server
> Resource Kit..
Thanks, Darin!
I've written scripts using DNSCMD before; I guess
> Just glancing around their website, I see that they recommend RSYNC
> to RBLDNSD formatted files. The Invaluement people here recommend
> Simple DNS Plus as a replacement for Windows DNS. Would most people
> here make the same recommendation?
I really have nothing against Windows DNS, no
2009 4:37 PM
Subject: RE: Re[6]: [Declude.JunkMail] Cutting down on DNS
> Note that the resulting downoaded file is in RBLDNS format. So you
> would convert it to a standard zone file. What DNS server do you use?
I'm using The MS DNS that comes on 2003 Server. I have it insta
> invURIBL is extremely effective for me even more so now that
> (personally) I am using the invaluement lists which haven been
> absolutely terrific.
Wow. That blindsided me. I was completely ignorant of how the product
worked. I thought that Invariant Systems maintained their own list, and
> Note that the resulting downoaded file is in RBLDNS format. So you
> would convert it to a standard zone file. What DNS server do you use?
I'm using The MS DNS that comes on 2003 Server. I have it installed on both
of the SmarterMail/Declude/Sniffer/INVURIBL boxes.
Is that a bad, or a good
> ...Declude just does a DNS lookup on the defined server and checks to see if
> it returns an authoritative or non-authoritative response for the host name
> of the e-mail address, and then pass/fails on that?
Yes, same way DSBLs usually work, only when you replicate the zone,
your DNS server
INVURIBL used to be fantastic, but it doesn't fare
quite as well these days. Does anyone recommend anything else?
invURIBL is extremely effective for me even more so now that
(personally) I am using the invaluement lists which haven been
absolutely terrific.
The one problem with the URI lis
PM
To: declude.junkmail@declude.com
Subject: RE: Re[2]: [Declude.JunkMail] Cutting down on DNS
> And my other recommendation stands -- look into which BLs will let you
> replicate their zone/s locally.
Thank you for your advice.
Among other things, I've been reviewing the spam tests
nford
Whiteman
Sent: Friday, July 10, 2009 3:20 PM
To: Michael Cummins
Subject: Re[4]: [Declude.JunkMail] Cutting down on DNS
*unsticks Ctrl key*
> How does one go about replicating a zone locally to begin with?
2 ways, depending on the BL. They could let you use standard DNS zone
transfer,
dbar...@declude.com
-Original Message-
From: supp...@declude.com [mailto:supp...@declude.com] On Behalf Of Michael
Cummins
Sent: Friday, July 10, 2009 2:58 PM
To: declude.junkmail@declude.com
Subject: RE: Re[2]: [Declude.JunkMail] Cutting down on DNS
> And my other recommendation stands -- l
*unsticks Ctrl key*
> How does one go about replicating a zone locally to begin with?
2 ways, depending on the BL. They could let you use standard DNS zone
transfer, or they could make you do an "out-of-band" HTTP/FTP download
of the zone.
--Sandy
Sanford
> How does one go about replicating a zone locally to begin with? Can you
> replicate multiple zones locally?
Sure.
> Should you do this on the machine that is
> hosting SmarterMail/Declude, or on another?
> Sniffer is my best test. INVURIBL used to be fantastic, but it doesn't fare
> quite as
> And my other recommendation stands -- look into which BLs will let you
> replicate their zone/s locally.
Thank you for your advice.
Among other things, I've been reviewing the spam tests I've enabled. I
thought I might share my observations with the list here, as a sounding
board. Perhaps I w
> Humans notice, because the traffic runs through a perimeter firewall
> that checks port 53 traffic against its Intrusion Protection
> profiles (amongst other things). Lately, during periods of heavy
> activity it's been ramping up the CPU and memory of the perimeter
> firewall. I'v
ford
Whiteman
Sent: Monday, July 06, 2009 8:49 PM
To: Michael Cummins
Subject: Re: [Declude.JunkMail] Cutting down on DNS
> My declude boxes are really driving DNS traffic up, loads.
As in "humans notice" or as in "my SNMP monitors notice"... is this
actually negatively
> My declude boxes are really driving DNS traffic up, loads.
As in "humans notice" or as in "my SNMP monitors notice"... is this
actually negatively impacting performance of DNS or any other service?
Do you run local caching DNS (I hope so)? The other thing to look into
is zone transfers for e
My declude boxes are really driving DNS traffic up, loads.
Is there any general advice on improving the efficiency of the various
declude checks to reduce the number of DNS hits?
Thanks!
-- Michael Cummins
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just s
24 matches
Mail list logo
