Oh I see.. I thought this a kind of feature of BIND. I got it now.
On Sun, Apr 29, 2018 at 8:38 AM, Mukund Sivaraman <m...@isc.org> wrote: > On Sun, Apr 29, 2018 at 08:27:34AM +0530, Blason R wrote: > > Hi Team, > > Can someone please confirm if below stuff I found pertaining to BIND can > be > > implemented with DNS RPZ? If yes can someone please point me to the > > appropriate document? > > Domain Based Reputational Data > > > > With the release of BIND 9.8.1 a *new* reputational mechanism is > available, > > this time for use by DNS resolvers. An organisation is able to receive a > > reputational data feed describing internet domains that have a 'poor' > > reputation. A poor reputation is usually based on the delivery of > malware, > > or other forms of nefarious internet activity. > > > > The ISC have provided an efficient standardised mechanism for the use of > > reputational data by recursive DNS resolvers and have left the provision > of > > the reputational data itself to professional organisations that > specialize > > in this type of information. Additionally, the response that shall be > given > > to a client attempting to resolve a domain which is listed amongst those > > with a 'poor' reputation is left to the local organisation to decide. > > This is basically RPZ. "reputational data feed" is basically a response > policy zone. There are feed providers such as Spamhaus, Farsight > Security, etc. E.g., see this: > > https://www.spamhaus.org/news/article/669 > > Mukund >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users