This is a forwarded message
From: Jeff Chan <[EMAIL PROTECTED]>
To: "Rob McEwen (PowerView Systems)" <[EMAIL PROTECTED]>
Date: Wednesday, December 8, 2004, 4:13:32 PM
Subject: [SURBL-Discuss] Feature Request: Whitelist_DNSRBL
===8<==============Original message text===============
On Wednesday, December 8, 2004, 7:16:41 AM, Rob Systems) wrote:
> Speaking of whitelisting, I'm using a caching dns server on my
> box which is based on BINDS.
> I currently use the following syntax in the names.config files
> to manually whitelist:
> zone "yahoo.com.multi.surbl.org" in {
> type master;
> };
> This **works** and causes the DNS caching server to return a
> "not found" WITHOUT having to ever check external DNS servers
> to resolve this. Also, the return times are lightening fast (<4ms).
> However, I'm still getting some kind of weird system errors
> logged in my "Events" log related to this process. Basically, I
> think I goofed up the syntax or I am missing some information here.
> Does anyone here happen to be familar with BIND and have any
> suggestions as to the correct syntax? What **should** my
> example from above look like?
If you want to do this please *don't* do it in the
multi.surbl.org domain. Do it in *your own domain*:
zone "yahoo.com.powerviewsystems.com" in {
type master;
};
and set up delegation for the zone in the powerviewsystems.com
zone file:
yahoo.com IN NS yournameserverhere
(When this appears in the powerviewsystems.com zone file it
delegates yahoo.com.powerviewsystems.com. not yahoo.com.)
What is happening is that there is no yahoo.com.multi.surbl.org
zone delegated from multi.surbl.org so you are creating
bogus DNS zone requests to the name servers that are
authoritative for multi.surbl.org. Those are probably
the error messages you are seeing. The requests are also
generating unnecessary packets and warning messages on
the SURBL public name servers, which is *not* cool.
Anyone else doing this or something similar should stop
doing it post haste!
However a much better way to whitelist domains is to
use the built in SpamAssassin or SpamCopURI functions:
URIDNSBL:
uridnsbl_skip_domain yahoo.com w3.org msn.com com.com yimg.com
SpamCopURI:
whitelist_spamcop_uri *.yahoo.com
I'm going to add local whitelisting (exclusion-list style) to the
SURBL FAQ and implementation guidelines.
Jeff C.
--
"If it appears in hams, then don't list it."
_______________________________________________
Discuss mailing list
[EMAIL PROTECTED]
http://lists.surbl.org/mailman/listinfo/discuss
===8<===========End of original message text===========
