Re: Spamhaus Override - DNS

This is a discussion on Re: Spamhaus Override - DNS ; Thanks all for your replies; I think I'll be able to cobble something together without any hacky source patches =). As for the below remark, I do realize that Spamhaus's service will be severely impacted if their DNS is cut ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: Spamhaus Override

  1. Re: Spamhaus Override

    Thanks all for your replies; I think I'll be able to cobble something
    together without any hacky source patches =). As for the below remark,
    I do realize that Spamhaus's service will be severely impacted if their
    DNS is cut off from the world (regardless of what I do); this is mostly
    an emergency provision to try to keep at least a small corner of the
    Internet from grinding to halt should the court decide to play hardball.
    As I see it, I only have to last a little longer with no spamhaus.org
    than does the government of Illinois, hehe...
    -andy

    Dan Mahoney, System Admin wrote:
    > On Tue, 10 Oct 2006, Peter Dambier wrote:
    >
    > Y'all DO realize that if you do this and the spamhaus.org domain name is
    > suspended, your spamcop blacklist will be "frozen in time", since no
    > removals will be processed (since nobody can email spamhaus at that
    > point -- except for people doing this), right?
    >
    > -Dan
    >
    >


  2. Re: Spamhaus Override

    Andy Getz writes:

    > Thanks all for your replies; I think I'll be able to cobble something
    > together without any hacky source patches =). ...

    note that if you set up a local copy of the zone you will need to set up
    all of your recursive nameservers (which ought not be the same servers
    where you do your authority work, or at least, not the same views) to use
    "forwarders" for the zone to point these queries at your local copy of
    the zone rather than asking the .ORG server to learn about these servers.

    frankly, if you're going to change every one of your recursive nameservers,
    you'd be better off making a stub zone and pointing it at spamhaus's
    servers. all you really want is to be independent of .ORG's delegation,
    and you do not need a local copy of the zone data for that. stubs are
    moderately better than forwarders, in that they will track zone NS changes.
    --
    ISC Training! October 16-20, 2006, in the San Francisco Bay Area,
    covering topics from DNS to DHCP. Email training@isc.org.
    --
    Paul Vixie


+ Reply to Thread
« Bind 9.3 behind IPFilter firewall | Re: How to find host names served by a specific dns server »