Hi, I've collected a bunch of URIs that I'd like to incorporate into my rulebase. I know how to create a DNSBL, but I don't specifically know how to create a URIBL. Can I use rbldnsd for this? Or would I have to extract the IP or hostname from the URL, then also use a bunch of uri rules? If so, is there a way of automating this, given a list of URIs?
For example, I have URIs like: http://109.73.134.241/dgq01px http://51steel1.org/s4b5ztgcx http://amessofblues1.com/m0dqfx I'm also then not sure which of uri* rule definition should be used. I've used urirhsbl before for a local host blocklist, but now after reading the man page again for the first time in a while, I'm not even sure that's correct. I'm also unclear about rbldnsd config for dnset, where hostnames would be used. Here is my current command-line: /usr/sbin/rbldnsd -n -srbldnsd.stats -r/var/lib/rbldnsd -f -n -b 66.123.123.106/53 uri.example.com:dnset:urilist My urilist file looks like this: :127.0.0.2:Blocked System: http://example.com/bl?$ $NS 1w uri.example.com $SOA 1w uri.example.com admin.uri.example.com 0 2h 2h 1w 1h @ A 66.123.123.106 @ MX 10 uri.example.com @ TXT "example hostname blocklist" 25z5g623wpqpdwis.onion1.to:127.0.0.2:Blocked System, Last-Attack: 1476825181 27lelchgcvs2wpm7.3lhjyx1.top:127.0.0.2:Blocked System, Last-Attack: 1476825181 27lelchgcvs2wpm7.7jiff71.top:127.0.0.2:Blocked System, Last-Attack: 1476825181 Using the following (and variations, including dig +short) fail with NXDOMAIN # host 25z5g623wpqpdwis.onion1.to.uri.example.com 66.123.123.106 Can someone show me an example zone file using the dnset option? I'm guessing my first attempt at this message being received by the list was due to the domain samples I've included, so they've been modified. Any ideas greatly appreciated. Thanks, Alex
