www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryl C. W. O'Shea (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (INFRA-2507) ASF-ify the spamassassin.org DNS hosting
Date Fri, 05 Aug 2011 03:09:27 GMT

    [ https://issues.apache.org/jira/browse/INFRA-2507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13079772#comment-13079772
] 

Daryl C. W. O'Shea commented on INFRA-2507:
-------------------------------------------

Hi Tony,

Thanks for working on this.  Sorry I did not respond earlier, I've been away.

Progress is pretty much as I desired so far.

Some notes:

1. named is already running (for years) as our hidden master on spamassassin.zones.apache.org...
so we just need to allow transfers to your named instance.

2. In addition to the "updates" subdomain, we also need control over the subdomains "dnsbltest"
and "sa-test".  These two subdomains are part of SpamAssassin's test suite.  Without them,
a network enabled "make test" will not succeed.

3. If you don't have a current copy of our root zone, the version in svn should be up-to-date:
http://svn.apache.org/repos/asf/spamassassin/dns/spamassassin.org

So...

Let us know where we need to allow zone transfers to and we'll set it up.  We'll need to do
some work on our zone files though, as currently there's only one zone file with a mix of
inline subdomains and $INCLUDE'ed subdomains.  It'd actually be easier for us to maintain
control of the spamassassin.org root zone.

Daryl

> ASF-ify the spamassassin.org DNS hosting
> ----------------------------------------
>
>                 Key: INFRA-2507
>                 URL: https://issues.apache.org/jira/browse/INFRA-2507
>             Project: Infrastructure
>          Issue Type: Task
>      Security Level: public(Regular issues) 
>          Components: DNS
>            Reporter: Daryl C. W. O'Shea
>            Assignee: Joe Schaefer
>            Priority: Minor
>
> As discussed in the thread "Moving spamassassin.org DNS zone to ASF DNS servers - the
redux" on infra@ on Jan 22-25, 2010, the SpamAssassin PMC would like to get the spamassassin.org
domain's DNS zone hosted on the same infrastructure as the other ASF domains.
> Also, as discussed, we need a way to automatically reload the zone file since our automated
rule update infrastructure depends on being able to update DNS records to publish the rule
updates.
> Ideally we'd split the zone up into spamassassin.org and updates.spamassassin.org as
automatic updates only happen to updates.spamassassin.org.  We could get by without, but it'd
be icing on the cake.
> We'd also like to consider allowing zone transfers to sonic.net's name servers.  I think
keeping them as slave name servers wouldn't be a bad idea.  Their IPs are 209.204.159.20,
64.142.88.72 and 69.9.186.104.
> We'll also need to figure out how exactly we want the automatic reloads of the updates.spamassassin.org
zone to happen.  There's dozens of ways to do it (frequent cron job (every 15 minutes?), svn
commit hook, etc)... whatever fits in with the current security policy works for me.
> Thanks,
> Daryl

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message