I enabled debug and query logs for BIND and no, it's not look like caching
problems...
Do you have any idea how to force BIND look for CNAMEd name in RPZ?
I tried to analyze source codes, and it seems that this line prohibits to apply
policy on the second iteration:
// Sorry for HTML embedded to my first email.
Hello, I would like to set up RPZ with CNAME and A. There are two options:
1.
cname.domain.comCNAME test.domain.com(without trailing dot)
test.domain.com A 10.10.10.10
In this case I receive
# dig cname.domain.com
2 matches
Mail list logo