[RPZ] "DNS Firewalls In Action - RPZ vs. Spam" (circleid)
Vernon Schryver
vjs at rhyolite.com
Fri Jan 4 14:29:15 UTC 2013
> From: April Lorenzen <data at serverauthority.net>
> Instead I keep a list of hosts known as of about 24 hrs ago,
> invert the answer and provide this as a standard domain BL by DNS
> query, known as IsNu.us. It answers 127.0.0.2 if the domain was not
> known as of about 24 hrs ago.
I think it would be only a small matter of programming to add
to the current set of policies. That would supplement
{GIVEN, DISABLED, PASSTHRU, NXDOMAIN, NODTA, CNAME domain}
with
{NOT NXDOMAIN, NOT NODATA, NOT CNAME domain}
or NOT-NXDOMAIN, ...
or NXDOMAIN-INVERT, ...
or something
Vernon Schryver vjs at rhyolite.com
More information about the DNSfirewalls
mailing list