Am 09.05.2018 um 16:28 schrieb Matthew Broadhead:
i guess my dns is set to use my isp's dns server. do i need to
set up dns relay on my machine so it comes from my ip?
there is no way we send more than 500k emails from our domain so
i should qualify for the free lookup?
On 09/05/18 20:43, David Jones wrote:
Yes. Setup BIND, unbound, or pdns_recursor on your SA server that
is not forwarding to another DNS server then set your
/etc/resolv.conf or SA dns_server to 127.0.0.1. This will make
your DNS queries isolated from your IP to stay under their daily
limit.
Keep in mind that if your SA box is behind NAT that is not
dedicated to your server then other DNS queries could get combined
with your shared public IP. This is not likely since others are
not going to query RBL/URIBL servers but it's possible. If your SA
server is directly on the Internet as an edge mail gateway then
this won't be a problem.
On 10.05.18 12:15, Matthew Broadhead wrote:
i already had bind handling my dns. i just had to add to /etc/named.conf
allow-query-cache {localhost; any;};
NO!
this way everyone is allowed to use your server as recursive DNS.
only allow "localhost;" it defined all ipv4 and ipv6 address on your system.
It's also better to define allow-recursion instead.
While it means something different, they both have same defaults, but
allow-recursion has more clear meaning.
recursion yes;
not needed by default.
and to /etc/resolv.conf
nameserver 127.0.0.1
i cannot believe that is not the default. i always assumed my dns
was working correctly.
It's not default to have DNS server on your system. And it's not default to
have localhost in resolv.conf - it may be authoritative-only.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may soar, but weasels don't get sucked into jet engines.