I've checked. The Spamhaus publicly distributed version of rbldnsd does
not support multiple DQS-style keys.
But, like any other DNS server, you *can* implement a single key by
putting your DNSBL zone under a name like "<key>.example.com", and as
long as the mail servers that are supposed to *know* that key don't
publish them by accident in error messages it's reasonably secure and
nobody else can query it even if they know the base name.
On 2021-11-04 4:08 p.m., Vsevolod Stakhov via mailop wrote:
On 04/11/2021 19:53, John Levine wrote:
It appears that Vsevolod Stakhov via mailop <[email protected]> said:
Rspamd RBLDNSD version [1] can do it as well. It is also much faster
than the original one (like 4 times faster) and allows dynamic updates.
And unlike Spamhaus stuff, it is free and open source, of course.
Um ... https://github.com/spamhaus/rbldnsd
Do you see any of the features discussed in this thread in the Spamhaus
rbldnsd repo? And we all assume that those features are 'just' not
published, don't we?
On the contrary, my version supports access limitation defined by 'DNS
keys' by aclkey zone extension. I have done quite a lot of other
improvements there, and have some more ideas about it (like
rate-limiting and multiprocess mode).
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
