Hello Mohammed, You can use RPZ (Response Policy Zone). The following link should give you a good introduction on how to set this up:
Building DNS Firewalls with Response Policy Zones (RPZ) https://kb.isc.org/docs/aa-00525 Daniel On 13.07.20 08:44, MEjaz wrote: > Hell all, > > > > > > I have an requirement from our national Cyber security to block several > thousand forged domains from our recursive servers, Is there any way we > can add clause in named.conf to scan such bogus domain list without > impacting the performance of the servers. > > > > Thanks in advance.. for the usual contribution. > > > > > > Thanks, > > Mohammed Ejaz > > Asst. Operation Director of Systems. > > Cyberia SAUDI ARABIA > > P.O.Box: 301079, Riyadh 11372 > > Phone: (+966) 11 464 7114 Ext. 140 > > Mobile: (+966) 562311787 > > Fax: (+966) 11 465 4735 > > Website: http://www.cyberia.net.sa _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users