Re: Spamhaus Rules and Datafeed
On Fri, 28 Sep 2007 at 11:01 -0400, spamassassin@dostech.ca confabulated:
> Duane Hill wrote:
>> On Fri, 28 Sep 2007 at 10:37 -0400, vivek@khera.org confabulated:
>>
>>> On Sep 28, 2007, at 10:14 AM, Duane Hill wrote:
>>>
>>>> We now subscribe to the Spamhaus datafeed service. Being the zones are
>>>> now running locally under the name zen.dnsbl, I have to rewrite some of
>>>> the rules in SA. Do I just have to rewrite the relevant parts? I.e.:
>>>>
>>>
>>> Why would you need to do this? You just point your SA machine's resolver
>>> to your local DNS server which knows it has an authoritative copy of the
>>> zone and serves it up directly. You're not being creative enough with
>>> your DNS configuration...
>>
>> Datafeed zones are used in rbldnsd, not bind. I have a copy of rbldnsd
>> running locally listening on port 54. Bind queries forward to rbldnsd for
>> the Spamhaus queries. To ensure the queries never leave the local server
>> for whatever reason, a local forward-only zone 'dnsbl' was created.
>> Therefore, the queries are zen.dnsbl.
>
> Just create a forward-only zone for zen.spamhaus.org and only allow SA to use
> the instance of Bind that is serving this forward-only zone.
>
> Trying to keep up with editing rules in SA is far more likely to result in
> queries being sent to Spamhaus' public DNS servers.

I have made the changes and it is working. I just didn't want the queries
going off server in the event either rbldnsd or bind had issues. I have
more than one entry in /etc/resolv.conf for this reason.
Received on Fri Sep 28 11:24:07 2007
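
The forward-only zone suggested in the quoted reply, sketched as a BIND named.conf fragment. This is an added example, not configuration posted by anyone in the thread; the loopback address and the ACL are assumptions, and it presumes rbldnsd is set up to answer for the name zen.spamhaus.org rather than zen.dnsbl.

```conf
// Added illustration; not from the original thread.
options {
    // Assumption: only the local host (where SpamAssassin runs) may
    // query this BIND instance.
    allow-query { 127.0.0.1; };
};

// Forward-only zone: queries under zen.spamhaus.org go to the local
// rbldnsd and nowhere else. With "forward only", BIND does not fall
// back to normal recursion if rbldnsd fails to answer, so the lookup
// fails locally instead of reaching the public Spamhaus servers.
zone "zen.spamhaus.org" {
    type forward;
    forward only;
    // rbldnsd listening on port 54, as described in the thread;
    // 127.0.0.1 is an assumed listen address.
    forwarders { 127.0.0.1 port 54; };
};
```

With this in place the stock SpamAssassin rules keep querying zen.spamhaus.org unchanged, provided SpamAssassin resolves through this BIND instance.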