High performance DNS server configuration?
Benny Pedersen
me at junc.eu
Thu Sep 15 15:19:55 UTC 2016
On 2016-09-15 15:42, John Levine wrote:
>> Problem is procmail + postfix with RBLs (zen.spamhaus.org and
>> others).
>>
>> Really big problem are spam botnets and some day we can get over 5-6
>> million messages per day or even more.
>>
>> Procmail/postfix is doing every check per msg at localdns (localdns =>
>> RBLs) server and average check time is 1-2 sec per message and it's
>> too much.
>
> I agree that bind is likely not the best DNS cache for this purpose.
> You might look at unbound.

I hear the opposite: unbound has DNSSEC issues that are not in bind.
unbound would need forward first in the forward zone, else it serves stale
data, since unbound is missing forward only; I have no problem with bind there.
Lastly, unbound is missing RPZ.
It might change for the better later.

> More importantly, at that query volume you should be running a local
> copy of rbldnsd and rsync'ing the DNSBLs.

Sure, both of them can use this to get higher performance in the end.