High performance DNS server configuration?

Reindl Harald h.reindl at thelounge.net
Thu Sep 15 11:57:11 UTC 2016



On 15.09.2016 at 13:20, Pekka Jalonen wrote:
> Server is mail server with ~+150 K users.
>
> Problem is procmail + postfix with RBLs (zen.spamhaus.org and others).
>
> Really big problem are spam botnets and some days we can get over 5-6
> million messages per day or even more.
>
> Procmail/postfix is doing every check per msg at localdns (localdns =>
> RBLs) server and average check time is 1-2 sec per message and it's
> too much

BIND is probably the wrong software for that task.
If the caching resolver is only for inbound mail, use unbound.

"cache-min-ttl: 100" violates standards but on the other hand works 
around the 5 seconds TTL of many RBLs and may reduce the outbound 
DNS requests at peak times dramatically without much bad impact (slip 
through while listed within the 100 seconds)
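
The trade-off described in the reply above, as an added example that is not part of the original post: a simplified model of a resolver cache with a TTL floor, replayed over a constructed lookup stream. It is not unbound's implementation; the workload, the IP addresses and the listing time are assumptions chosen for illustration.

```python
def replay(lookups, rbl_ttl, min_ttl, listed_from):
    """Replay (time, ip) RBL lookups through a cache whose TTL is clamped
    to at least min_ttl. Returns (upstream_queries, stale_answers)."""
    cache = {}                      # ip -> (cached answer, expiry time)
    upstream = stale = 0
    ttl = max(rbl_ttl, min_ttl)     # effect of a TTL floor on a short-TTL record
    for now, ip in lookups:
        # Authoritative truth: is this IP listed on the RBL right now?
        truth = now >= listed_from.get(ip, float("inf"))
        entry = cache.get(ip)
        if entry is None or entry[1] <= now:    # miss or expired: ask the RBL
            upstream += 1
            entry = cache[ip] = (truth, now + ttl)
        if entry[0] != truth:                   # cached "not listed" is outdated
            stale += 1
    return upstream, stale

# Constructed workload: 10 sending IPs, each checked once per second for 10 minutes.
IPS = [f"192.0.2.{i}" for i in range(10)]
LOOKUPS = [(t, ip) for t in range(600) for ip in IPS]
# Constructed event: one of the IPs gets listed 252 seconds into the run.
LISTED_FROM = {"192.0.2.7": 252}

if __name__ == "__main__":
    for floor in (0, 100):
        up, st = replay(LOOKUPS, rbl_ttl=5, min_ttl=floor, listed_from=LISTED_FROM)
        print(f"min TTL {floor:3d}s: {up:4d} upstream queries of {len(LOOKUPS)}, "
              f"{st} lookups answered with an outdated 'not listed'")
```

In this model the floor cuts upstream queries by a factor of 20, and the cost is the window in which a newly listed sender is still answered from the old cache entry.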


More information about the bind-users mailing list