On Tue, 11 Mar 2003, Paul Makepeace wrote:

> Has anyone implemented a barebones or better DNS blocklist? I'm
> wondering if Net::DNS::Update might appear somewhere there, and what
> changes to named.conf would be needed.
> 
> Basically I'm trying to keep my secondary MXs aware of any IPs that are
> pissing me off.

I am running such a blocklist here (spamsource.ukpost.com - the IPs of
servers from which I have received SPAM, and yes anyone can use it) and
it's fairly trivial to do.

It's just a simple DNS zone so you configure it as any other in BIND (or
other).

Keeping it up to date is a simple matter of adding/removing entries to the 
zone (typically two entries in the zone file per IP - one that returns an 
A record and one that returns a TXT record being the error message to 
return).

If you want to update the zone from a script and want the updates live 
immediately then Net::DNS::Update will work well for this however do be 
warned that you can end up with very large journal files.

Alternatively, if you are not adding thousands of entries each hour, simply 
update the zone file manually or via a simple script and reload the name 
server.

Jason Clifford
-- 
UKFSN.ORG               Finance Free Software while you surf the 'net
http://www.ukfsn.org/           Get the T-Shirt Now
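
The two-entries-per-IP zone layout described in the message above, as an added example that is not part of the original post or the author's own script. It assumes the common DNSBL conventions (owner name built from the reversed octets, 127.0.0.2 as the "listed" answer, per RFC 5782), which the post does not spell out; the zone name dnsbl.example.org and the sample addresses are constructed.

```python
import ipaddress

ZONE = "dnsbl.example.org."   # hypothetical zone name, not from the post
LISTED_ADDR = "127.0.0.2"     # conventional DNSBL "listed" answer (assumed, RFC 5782)


def owner_name(ip, zone=ZONE):
    """Return the DNSBL owner name for an IPv4 address: octets reversed, then the zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def txt_rdata(message):
    """Quote a TXT string for a zone file, escaping backslashes and double quotes."""
    if len(message.encode()) > 255:
        raise ValueError("a single TXT string is limited to 255 bytes")
    return '"' + message.replace("\\", "\\\\").replace('"', '\\"') + '"'


def zone_records(entries, ttl=3600):
    """Build the A and TXT lines for each (ip, reason) pair, skipping duplicate IPs."""
    lines, seen = [], set()
    for ip, reason in entries:
        name = owner_name(ip)
        if name in seen:
            continue
        seen.add(name)
        # A record: tells the querying MX that the address is listed
        lines.append(f"{name} {ttl} IN A {LISTED_ADDR}")
        # TXT record: the error message the MX returns to the sender
        lines.append(f"{name} {ttl} IN TXT {txt_rdata(reason)}")
    return lines


# Constructed sample input (documentation address ranges)
SAMPLE = [
    ("192.0.2.25", "Spam received from 192.0.2.25"),
    ("198.51.100.7", 'Listed: "open relay"'),
    ("192.0.2.25", "duplicate, ignored"),
]

if __name__ == "__main__":
    print("\n".join(zone_records(SAMPLE)))
```

The printed lines can be appended to the zone file before bumping the SOA serial and reloading the name server.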
