On 03/11/2015 10:57 AM, Benny Pedersen wrote:
Axb skrev den 2015-03-11 10:41:
RPZ zones are domain lists - NOT nameservers lists
nameservers is domain aswell imho :=)
if anything using rbldnsd
:-)
here is just see domain not found if rpz listed, and i dont plan to list
my dns hoster for being free and good no matter how many bad domain is
using it as nameserver
if the nameserver is rpz listed, all the dns hosted domains is vanished
test:
dig +trace rpzdomain
where does it stop ? :=)
I don't quite understand your logic/language but yes, that's the point
of such a list. You list the NS and all domains on that NS get scored.
for example see:
URIBL's "Extra Datasets via Datafeed Service"
http://uribl.com/datasets.shtml
black_ns.txt - This file contains nameservers we have identified as bad,
and in turn proactively lists all domains registered against them to
Gold and lists reactive hits to URIBL Black.
# Example black_ns zone data
..
ns1.gdlpdlvrydirect.net :127.0.0.2:black_ns $ added on 2008-07-13 23:12:53
ns1.panamans.com :127.0.0.2:black_ns $ added on 2008-07-14 04:16:18
ns1.easyquickdebts.com :127.0.0.2:black_ns $ added on 2008-07-14 08:01:41
ns0.holidaynicegood.com :127.0.0.2:black_ns $ added on 2008-07-14 08:02:18
..
# Example SpamAssassin Rule usage
# - urifullnsrhssub is a SpamAssassin 3.3 SVN feature only and will
# not work in currently released versions of SpamAssassin!
# - Change blackns.your-domain.tld to the host you have this data
loaded in
# - Rescore from 0.01 after testing effectiveness on your mail flow
urifullnsrhssub BLACK_NS blackns.your-domain.tld. A 2
body BLACK_NS eval:check_uridnsbl('BLACK_NS')
tflags BLACK_NS net
score BLACK_NS 0.01
Theres a also a rather large number of such private lists.
Trust me, it's highly efficient...