DNS Blackholing

Phil Mayers p.mayers at imperial.ac.uk
Tue Dec 4 09:45:07 UTC 2012


On 12/04/2012 02:44 AM, John Hascall wrote:
>
> We have found that RPZ works quite well for us.
> We have 366825 names in our RPZ zone at present
> and scaling thus far has been a non-issue.ot (

Likewise. We have 675k entries in an RPZ zone, and performance is fine.

It's genuinely surprising how many hits we get on the "Badness" host (we 
rewrite the RPZ result to a CNAME aimed at an internal host) even from 
machines which are clean, with sensible users at the keyboard. There's a 
lot of slime on the internet that you can step in and track into the 
house...

It also amazes me how many people will install spyware in exchange for a 
web browser "search toolbar". Sigh...



More information about the bind-users mailing list