<div dir="ltr">Oh I see.. I thought this a kind of feature of BIND.<div><br></div><div>I got it now.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Apr 29, 2018 at 8:38 AM, Mukund Sivaraman <span dir="ltr"><<a href="mailto:muks@isc.org" target="_blank">muks@isc.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Sun, Apr 29, 2018 at 08:27:34AM +0530, Blason R wrote:<br>
> Hi Team,<br>
> Can someone please confirm if below stuff I found pertaining to BIND can be<br>
> implemented with DNS RPZ? If yes can someone please point me to the<br>
> appropriate document?<br>
> Domain Based Reputational Data<br>
> <br>
</span>> With the release of BIND 9.8.1 a *new* reputational mechanism is available,<br>
<span class="">> this time for use by DNS resolvers. An organisation is able to receive a<br>
> reputational data feed describing internet domains that have a 'poor'<br>
> reputation. A poor reputation is usually based on the delivery of malware,<br>
> or other forms of nefarious internet activity.<br>
> <br>
> The ISC have provided an efficient standardised mechanism for the use of<br>
> reputational data by recursive DNS resolvers and have left the provision of<br>
> the reputational data itself to professional organisations that specialize<br>
> in this type of information. Additionally, the response that shall be given<br>
> to a client attempting to resolve a domain which is listed amongst those<br>
> with a 'poor' reputation is left to the local organisation to decide.<br>
<br>
</span>This is basically RPZ. "reputational data feed" is basically a response<br>
policy zone. There are feed providers such as Spamhaus, Farsight<br>
Security, etc. E.g., see this:<br>
<br>
<a href="https://www.spamhaus.org/news/article/669" rel="noreferrer" target="_blank">https://www.spamhaus.org/news/<wbr>article/669</a><br>
<span class="HOEnZb"><font color="#888888"><br>
Mukund<br>
</font></span></blockquote></div><br></div>