That's a bad thing to do. A caching name server is pretty easy to implement (all the distros that I've played with do it automatically just installing bind). Many (most?/all?) RBLs require a subscription (read money) if you exceed a certain number of queries. A public dns server can hammer them quite quickly, and thus get filtered out. A local caching server is definitely recommended. I've never read any posts suggesting reasons not to use one...
...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 -----Original Message----- From: Ian Zimmerman [mailto:i...@buug.org] Sent: Friday, May 16, 2014 6:38 PM To: users@spamassassin.apache.org Subject: Re: SPAM from a registrar On Sat, 17 May 2014 01:34:58 +0200 Karsten Bräckelmann <guent...@rudersport.de> wrote: > I don't know whether DOB limits DNS queries of a single host. > However, if you *never* get that rule firing, the NXDOMAIN result may > indicate exceeding a query limit. Do you use a local caching DNS > resolver, or does SA use your upstream ISP's one, along with a million > other SA instances? Excellent point. I _used to_ run a local DNS cache, but got rid of it a few months ago, in the name of simplicity. Was that a good or bad thing to do in the current context? -- Please *no* private copies of mailing list or newsgroup messages.