Watching spammers doing queries
Kevin Darcy
kcd at daimlerchrysler.com
Wed Apr 25 20:54:03 UTC 2001
Sure, with BIND 9's "view" mechanism, you can give different answers to the
same question, depending on the client source address or address range.
- Kevin
me2 at privacy.net wrote:
> While sitting here, with querylogging on and
> !named
> *.* /var/log/named.log in the syslog, I watched spammers looking for bogus
> domains, spamtrap domains, old domains and guessing at mail servers
>
> Since I am authoritative server, and run both primary and secondary
> servers, can I 'poision' the response to these, if I identify the most
> offensive netblocks?
>
> say, send them back something like 90.1.1.1?
More information about the bind-users
mailing list