spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryl C. W. O'Shea" <spamassas...@dostech.ca>
Subject Re: Spamhaus Rules and Datafeed
Date Fri, 28 Sep 2007 15:01:46 GMT
Duane Hill wrote:
> On Fri, 28 Sep 2007 at 10:37 -0400, vivek@khera.org confabulated:
> 
>> On Sep 28, 2007, at 10:14 AM, Duane Hill wrote:
>>
>>> We now subscribe to the Spamhaus datafeed service. Being the zones 
>>> are now running locally under the name zen.dnsbl, I have to rewrite 
>>> some of the rules in SA. Do I just have to rewrite the relevant 
>>> parts? I.e.:
>>>
>>
>> Why would you need to do this?  You just point your SA machine's 
>> resolver to your local DNS server which knows it has an authoritative 
>> copy of the zone and serves it up directly.  You're not being creative 
>> enough with your DNS configuration...
> 
> Datafeed zones are used in rbldnsd, not bind. I have a copy of rbldnsd 
> running locally listening on port 54. Bind queries forward to rbldnsd 
> for the Spamhaus queries. To ensure the queries never leave the local 
> server for what ever reason, a local forward-only zone 'dnsbl' was 
> created. Therefore, the queries are zen.dnsbl.

Just create a forward-only zone for zen.spamhaus.org and only allow SA 
to use the instance of Bind that is serving this forward-only zone.

Trying to keep up with editing rules in SA is far more likely to result 
in queries being sent to Spamhaus' public DNS servers.


Daryl


Mime
View raw message