spamassassin-users mailing list archives

From "John Levine" <>
Subject Re: TTL and DNSBLs (was Re: Why run your own DNS server?)
Date Mon, 04 Jul 2011 19:26:13 GMT
>My experiments on real mail servers show that DNS caching is quite
>ineffective for DNSBLs (at least for typical ones like Spamhaus that
>use a short TTL on the order of 15-30 minutes.)

That's consistent with what I've seen, although you probably won't be
surprised to hear that I have higher hopes for my range published
DNSxLs than David does, partly because I expect them to be used for
whitelists, which tend to cache better for technical reasons.

But if you're looking for a DNS cache, I highly recommend unbound.
I used to use dnscache but got tired of its limitations (due entirely
to it being unchanged since 1998.)  My copy of unbound runs about
27M real RAM, 44M virtual, which is pretty modest on my 12G server.

