RPZ configuration examples
Spain, Dr. Jeffry A.
spainj at countryday.net
Sat Nov 19 14:31:47 UTC 2011
> 1. Do you have basic example/steps to configure RPZ in Bind? ( I need couple of examples like /etc/named.conf file and zone files for rpz
> 2. If I use RPZ, recursive DNS will contact remote RBL database for every DNS query?
> 3. Is it possible to download DNS RBLs locally on the DNS server automatically daily and then allow RPZ query locally to give malware domain lookup response?
Here's a technical note with some configuration examples: http://ftp.isc.org/isc/dnsrpz/isc-tn-2010-1.txt. As I understand it, when you configure a response policy zone on your recursive resolver, your resolver uses the master-slave mechanism to get a copy of the response policy zone file from your RPZ provider. It keeps that copy updated based on notify messages and incremental transfers from the RPZ provider. For each query, your resolver consults your local copy of the RPZ or your cache as part of the recursive resolution process. ISC had a webinar on RPZ. See http://www.isc.org/files/imce/DNSRPZ-2011-03-01-Webinar.pdf. In it they mentioned http://www.surbl.org/ as an RPZ data provider. I worked with RPZ several months ago and had difficulty determining how well it was working. What was lacking at the time was a test domain name or set of such names guaranteed to be in the RPZ data that would generate an NXDOMAIN response. Would you please post information about your experiences as you proceed with your RPZ project. Thanks.
Jeffry A. Spain
Cincinnati Country Day School
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users