On Mon, 04 Jul 2011 00:46:15 -1000, Warren Togami Jr. wrote:
http://www.spamtips.org/2011/07/spamassassin-why-run-your-own-dns.html
I wrote this article about why it can be important to run your own
DNS server if you have a busy Spamassassin deployment.
okay one asked :)
1: do not add forwarders in global named.conf
if one do this the risk is that eg ones isp does not pay spamhaus or
simply blocking domains via hijacking, or even dnssec is gone
2: make sure your "root" hint xone file is less then 30 days old
this file can be fetched via ftp
3: check that port 53 is open both on tcp an udp
4: use nameserver 127.0.0.1 in resolv.conf
5: make progress to get ipv6 that will help to get more dns responses
from ipv6 only dns servers and also help spread loads on dns
last one can be ignored if you want to
