Question about BIND and RPZ
Felipe Arturo Polanco
felipeapolanco at gmail.com
Sat Aug 4 13:52:51 UTC 2018
I have a question regarding BIND and its RPZ functionality.
We are using a DNS provider that blocks malware by returning an NXDOMAIN
response back whenever a match is found.
The way they differentiate between real non-existent websites vs malware
sites is by turning off the 'recursion available' bit in the NXDOMAIN
response, non-existent sites do have this bit turned on.
Is there a way to match this flag in an RPZ policy to redirect malware
sites response to a wall garden website while not matching real
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users