On Wed, Jun 10, 2015 at 9:56 AM, David Jones <djo...@ena.com> wrote:
>>> given that install unbound as local resolver takes 2 minutes it's even not
>>> worth to argue on that topic and a spamfilter without RBL's and URIBL's is
>>> just nonsense
>
>> I have installed a caching DNS server before (albeit probably about 15
>> years ago). But it just shouldn't be necessary.
>
> It can be necessary if you have enough mail volume.

That's not what I'm saying. It should not be necessary to run a full-blown DNS server for SA to do its queries. It should be possible to call a library and create a DNS context that has all of its own parameters and then use that in an isolated way. Then other services on the system are completely unaffected. Don't tell me someone has never tweaked some parameter in your supposedly caching-only nameserver and inadvertently broken something or wished they could tweak something and can't because of the dependencies. And it's very possible that the queries might be for different names using custom query parameters in an async way and so on, in which case the system resolver API might not be ideal.

I'm not pooh-poohing your advice. I'm just saying the DNS bits should be librarified so that these things don't even need extra thought. This stuff might be what you do all the time but I don't. I do this once every few years. This is the sort of thing that makes people switch to "cloud services".