On 2/14/2017 9:27 AM, Emin Akbulut wrote:
I'm confused a bit. Should I use forwarders or not?
I was trying to follow that guide:

---------------------------------

    As your issue with UTIBL_BLOCKED is a well-known one

    I would like to point you the FAQ section of  our homepage:

    
http://www.jam-software.com/spamassassin_in_a_box/online_manual/EN/configuredns.html
    
<http://www.jam-software.com/spamassassin_in_a_box/online_manual/EN/configuredns.html>

    Here you will find detailed information on how to configure

    a Microsoft Windows DNS server to do a conditional forwarding.


That page is a bit confusing since it shows screenshots of the DNS query results, but never actually shows a screenshot of the setting you are supposed to be changing.

That page is suggesting that you find the authoritative server for blacklist domains and force those domain queries to go to those servers. This will fix the problem, but it is a bit fragile since your lookups will start failing if those domains ever change their DNS setup.

A better idea is to have your server stop forwarding altogether. Let your DNS server query the root servers and figure out the authoritative DNS servers for the domains itself. This is how DNS servers were designed to work and there are few reasons not to do it this way. Unfortunately, I have no idea where those settings are in the Windows DNS server.

--
Bowie

Reply via email to