h.reindl at thelounge.net
Thu Feb 8 10:45:29 UTC 2018
Am 08.02.2018 um 11:10 schrieb Michelle Konzack:
> Am 2018-02-08 hackte LuKreme in die Tasten:
>> Is it possible to tell bind to ignore very short TTLs and enforce
>> a...say... 5 second minimum TTL?
> VERY SHORT TTL?
> 5 sec minimum?
> What Du you mean with ignoring?
> It is you YOU have to configure Bind9 correctly to longer TTLs.
> If the NS Entry is not a Dyn-DNS entry,
> it should have anyway at least 3600 seconds
you miss the topic
many DNSBL's have a very short TTL and at the same time a limit of
queries froma single IP until you need to pay for the service
so if you have a inbound MX and the RBL has 2 seconds TTL and a botnet
is trying to deliver spam to you override the 2 scodn TTL with 90
seconds or whatever makes sense reduces the total amount of DNS requests
More information about the bind-users