On 10/02/2014 08:50 PM, Philip Prindeville wrote:
> How do I go about blocking based on the NS records for a given domain
> having NS records with an RHS of dns\d+\.registrar-servers\.com ?
again create a rbldnsd zone
add the NS to txt file black_ns.rbldns
in rbldnsd configure the zone as dnset type
blackns.example.net:dnset:black_ns.rbldns
urifullnsrhssub YOUR_NS_REC_BL blackns.example.net. A 2
body YOUR_NS_REC_BL eval:check_uridnsbl('YOUR_NS_REC_BL')
describe YOUR_NS_REC_BL URL domain's NS listed in YOUR NS REC BL
tflags YOUR_NS_REC_BL net
score YOUR_NS_REC_BL 3.0
you can even use rbldnsd on the same box as your resolver, make it listen
to port 530
configure your recursor to forward queries for your bls on *.example.net
to 127.0.0.1:530
h2h
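
Added example, not part of the original message: a small checker for a black_ns.rbldns file that shows which NS hostnames a dnset zone would list, next to the regex from the question. The sample file contents and host names are constructed, and the matching rules (plain name = exact match, leading dot = domain plus everything below it, `*.` = names below it only) are the dnset entry forms as described in the rbldnsd documentation; exclusion (`!`) entries are not handled.

```python
import re

# Constructed sample of a black_ns.rbldns data file (not from the original post).
SAMPLE_DNSET = """\
# default A record and TXT for every entry below
:127.0.0.2:NS host is blacklisted
# leading dot: the domain itself and everything under it
.registrar-servers.com
# plain name: exact match only
ns1.bad-hoster.example
"""

# The pattern from the question; applied below as a whole-name match.
QUESTION_RE = re.compile(r"dns\d+\.registrar-servers\.com")

def parse_dnset(text):
    """Return (exact, subtree, below_only) sets of lowercase names."""
    exact, subtree, below_only = set(), set(), set()
    for raw in text.splitlines():
        line = raw.strip().lower()
        if not line or line[0] in "#:$":   # comment, default value, $SOA/$NS etc.
            continue
        name = line.split()[0]             # ignore any per-entry value after the name
        if name.startswith("*."):
            below_only.add(name[2:])
        elif name.startswith("."):
            subtree.add(name[1:])
        else:
            exact.add(name)
    return exact, subtree, below_only

def is_listed(ns_host, rules):
    """True if the dnset would answer for this NS hostname."""
    exact, subtree, below_only = rules
    host = ns_host.lower().rstrip(".")
    if host in exact or host in subtree:
        return True
    labels = host.split(".")
    parents = {".".join(labels[i:]) for i in range(1, len(labels))}
    return bool(parents & (subtree | below_only))

def compare(hosts, rules):
    """(host, listed by dnset, matched by the question's regex) per host."""
    return [(h, is_listed(h, rules), bool(QUESTION_RE.fullmatch(h.lower().rstrip("."))))
            for h in hosts]

if __name__ == "__main__":
    rules = parse_dnset(SAMPLE_DNSET)
    for row in compare(["dns1.registrar-servers.com", "mail.registrar-servers.com",
                        "ns1.bad-hoster.example", "ns2.bad-hoster.example"], rules):
        print(row)
```

A dnset cannot express `\d+`, so the wildcard entry lists every host under registrar-servers.com; to list only the dnsN hosts, enumerate them as plain entries.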