DNS Config
Marco Favero edited this page May 19, 2021 · 3 revisions
Once you have exported the lists in RBLDNS format, you can configure your rbldnsd instance to serve them.
Assume you exported (or rsynced) your lists to `/etc/rbldnsd/yourbl/`. `spamip` is a list of spam IPs, `whiteip` is a list of good IPs, and `spamdomain` is a URIBL.
The rbldnsd configuration to write is something like:
```
# Each zone is given as <zone name>:<dataset type>:<file>,
# with file paths relative to the -w working directory.
RBLDNSD="- -u rbldns -b 127.0.0.1/1053 \
    -f \
    -l /var/log/rbldns.log \
    -w /etc/rbldnsd/ \
    [...]
    whiteip.rbl.example.com:ip4tset:yourbl/whiteip \
    spamip.rbl.example.com:ip4tset:yourbl/spamip \
    uribl.rbl.example.com:dnset:yourbl/spamdomain \
    spamhash.rbl.example.com:dnset:yourbl/spamhash"
```
If you put BIND in front and have it forward these zones to rbldnsd, you could have this in `named.conf`:
```
zone "rbl.example.com" {
    type master;
    file "pri.hosts_rbl.example.com";
    notify explicit;
    also-notify { <otherip>; };     # maybe
    allow-update { none; };
    allow-transfer { <otherip>; };  # maybe
};

// Forward each list zone to the local rbldnsd instance (127.0.0.1 port 1053).
zone "whiteip.rbl.example.com" IN {
    type forward;
    forward first;
    forwarders { 127.0.0.1 port 1053; };
};
zone "spamip.rbl.example.com" IN {
    type forward;
    forward first;
    forwarders { 127.0.0.1 port 1053; };
};
// Same zone name as in the rbldnsd configuration (it serves the spamdomain file).
zone "uribl.rbl.example.com" IN {
    type forward;
    forward first;
    forwarders { 127.0.0.1 port 1053; };
};
zone "spamhash.rbl.example.com" IN {
    type forward;
    forward first;
    forwarders { 127.0.0.1 port 1053; };
};
```
You can replace example.com with your own domain, or just use a .local domain.
How do you use these configured lists? The spam and ham IP lists can be configured in Postscreen for a reject at the SMTP level, combined with other lists. Otherwise, you can write SpamAssassin rules. The domain list can be useful in a SpamAssassin rule.
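To check that rbldnsd answers for a zone before pointing Postscreen or SpamAssassin at it, the following added example (not part of the original wiki page or the project's code) builds the reversed-octet lookup name for an `ip4tset` zone, queries the daemon directly on 127.0.0.1 port 1053 as configured above, and decodes the reply. The function names, the fixed query ID and the test address 127.0.0.2 are assumptions made for illustration.

```python
import ipaddress
import socket
import struct

def dnsbl_name(ip, zone):
    """IPv4 list lookup name: octets reversed, then the zone (ip4tset zones)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def build_query(name, qid=0x1234):
    """Minimal DNS query for an A record, recursion desired (qid is arbitrary)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in name.split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)

def skip_name(pkt, off):
    """Return the offset just past a (possibly compressed) name."""
    while pkt[off] and pkt[off] & 0xC0 != 0xC0:
        off += pkt[off] + 1
    return off + (2 if pkt[off] else 1)

def parse_response(pkt):
    """Return (rcode, [A record addresses]) from a DNS response."""
    flags, qd, an = struct.unpack(">HHH", pkt[2:8])
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4          # skip QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(pkt, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", pkt[off:off + 10])
        if rtype == 1 and rdlen == 4:          # A record
            addrs.append(socket.inet_ntoa(pkt[off + 10:off + 14]))
        off += 10 + rdlen
    return flags & 0xF, addrs

def lookup(name, server="127.0.0.1", port=1053, timeout=2.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, port))
        return parse_response(s.recv(512))

if __name__ == "__main__":
    # 127.0.0.2 is a constructed test address; use one you know is in your list.
    name = dnsbl_name("127.0.0.2", "spamip.rbl.example.com")
    try:
        print(name, *lookup(name))
    except OSError as exc:                     # timeout or nothing listening
        print(name, "no answer:", exc)
```

An rcode of 0 with A records means the address is listed and 3 (NXDOMAIN) means it is not; 5 (REFUSED) typically means the queried zone name is not one rbldnsd was started with. Running the same lookup against BIND (port 53) checks the forward zones as well.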