Re: Anyone using MyDNS to create private dsn rbl lists?
On Thu, 2006-06-01 at 19:52 -0700, Marc Perkel wrote: I'm thinking about using MyDNS to create my own DNS blacklist. I'm thinking I'll make it available to everyone to list IPs that are not on other lists. Mostly virus infected zombies and such. So - has anyone else done this? Looking for some pointers. I'm running Exim and wanting to have Exim add IP addresses to the list. I'm also thinking about adding another field that will have an expiration date for the record so as to self clean the list. But - I don't want to reinvent everything so if someone is doing this I can use some help. Will share the results. Thanks in advance. I have been using rbldnsd without any problems. Only that it does not have an expire option Thanks Ram Marc Perkel Junk Email Filter dot com
Re: Anyone using MyDNS to create private dsn rbl lists?
Ramprasad wrote: On Thu, 2006-06-01 at 19:52 -0700, Marc Perkel wrote: I'm thinking about using MyDNS to create my own DNS blacklist. I'm thinking I'll make it available to everyone to list IPs that are not on other lists. Mostly virus infected zombies and such. So - has anyone else done this? Looking for some pointers. I'm running Exim and wanting to have Exim add IP addresses to the list. I'm also thinking about adding another field that will have an expiration date for the record so as to self clean the list. But - I don't want to reinvent everything so if someone is doing this I can use some help. Will share the results. Thanks in advance. I have been using rbldnsd without any problems. Only that it does not have an expire option The reason I chose MyDNS was it was MySQL based and could be updated live. And I thought that if I added a field that set an expiration of now+24 hours then I could expire old entries with a simple script.
Re: Anyone using MyDNS to create private dsn rbl lists?
On Fri, 2 Jun 2006, Marc Perkel wrote: The reason I chose MyDNS was it was MySQL based and could be updated live. And I thought that if I added a field that set an expiration of now+24 hours then I could expire old entries with a simple script. rbldnsd can be updated semi-live. Every check number of minutes it examines the zone data files and if they've changed it reloads them. Thus you can add/remove entries and within a minute or two they're active. It does not have an explicit time field but you could use the TXT comment field for that purpose. -- Dave Funk University of Iowa dbfunk (at) engineering.uiowa.eduCollege of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527 #include std_disclaimer.h Better is not better, 'standard' is better. B{
Re: Anyone using MyDNS to create private dsn rbl lists?
On Fri, 2 Jun 2006, David B Funk wrote: On Fri, 2 Jun 2006, Marc Perkel wrote: The reason I chose MyDNS was it was MySQL based and could be updated live. And I thought that if I added a field that set an expiration of now+24 hours then I could expire old entries with a simple script. rbldnsd can be updated semi-live. Every check number of minutes it examines the zone data files and if they've changed it reloads them. Thus you can add/remove entries and within a minute or two they're active. Along the same lines, if you want to do things by creating zone files and then reloading those, good old ISC BIND can push updates to slave servers almost instantly when you do a rndc reload. However, unless there's something missing, if I were doing a DNS-based RBL, I'd be very tempted to do it all with dynamic DNS records. According to the ISC BIND documentation: http://www.isc.org/sw/bind/arm93/Bv9ARM.ch04.html#dynamic_update dynamic DNS data is stored persistently on disk, so you should be able to just use a dynamic DNS client to add and remove records. It may not be as flexible as SQL, but it seems like it would be dead simple to implement. - Logan
Anyone using MyDNS to create private dsn rbl lists?
I'm thinking about using MyDNS to create my own DNS blacklist. I'm thinking I'll make it available to everyone to list IPs that are not on other lists. Mostly virus infected zombies and such. So - has anyone else done this? Looking for some pointers. I'm running Exim and wanting to have Exim add IP addresses to the list. I'm also thinking about adding another field that will have an expiration date for the record so as to self clean the list. But - I don't want to reinvent everything so if someone is doing this I can use some help. Will share the results. Thanks in advance. Marc Perkel Junk Email Filter dot com