>From: John Hardin <jhar...@impsec.org> >I think this part of the wiki page may not be stressed stongly enough:
>Non-forwarding >If you have a large ISP or are using large public DNS provider(s) it is >recommended you not forward mail-related DNS traffic through their DNS >servers (though non-mail DNS traffic from your site shouldn't have >problems.) With bind, this means not having any "forwarders" listed. Or, >at a minimum, you could create exemptions by defining empty forwarders for >DNSBL zones, like this: https://wiki.apache.org/spamassassin/CachingNameserver I just simplified that page quite a bit. It needs a little more work on it but it should be pretty clear now to not use a forwarding DNS server locally and do not point the server to another DNS server in /etc/resolv.conf. Dave
