Variable SOAs in negative responses

Matus UHLAR - fantomas uhlar at fantomas.sk
Tue Jan 28 19:28:42 UTC 2014


On 27.01.14 18:23, John Levine wrote:
>A friend (really) asks this question: they have some DNSBLs, which get
>a lot of queries.  Sometimes the answer has A or TXT records, meaning
>the corresponding address is listed in the DNSBL, sometimes it's
>NXDOMAIN which means the address isn't.
>
>For addresses that aren't listed, some of the NXDOMAINs are a lot less
>likely to change than others, e.g., the address of an outbound mail
>server at a large mail provider is unlikely ever to be listed, but a
>random host at a hosting provider in India, who knows.  So he'd like
>to have the TTLs on some of those NXDOMAINs be longer than others, by
>putting a different TTL in the SOA in the authority section.

If you know those IPs, why do you check them for being listed at all?
If any IP starts spamming, why give it a longer time to appear in the
blacklists? I don't think this makes sense at all...

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT wish to receive any advertising mail at this address.
LSD will make your ECS screen display 16.7 million colors


More information about the bind-users mailing list