You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Ronan <r....@qub.ac.uk> on 2004/11/29 12:45:16 UTC

SURBL caching

what changes do i need to make to the local.cf site-wide configuration 
if I am putting the SURBL zone files into my DNS?

Am i right in saying that i really dont need to make much change (to SA) 
  other than configuring the dns to act as a secondary to the surbl's dns??

ronan
-- 
Regards

Ronan McGlue
==============
Analyst/Programmer
Information Services
Queens University Belfast
BT7 1NN

Re: SURBL caching

Posted by Jeff Chan <je...@surbl.org>.

On Monday, November 29, 2004, 3:45:16 AM, Ronan Ronan wrote:
> what changes do i need to make to the local.cf site-wide configuration 
> if I am putting the SURBL zone files into my DNS?

> Am i right in saying that i really dont need to make much change (to SA) 
>   other than configuring the dns to act as a secondary to the surbl's dns??

Please set up your DNS as a primary, since you are getting the
zone files by rsync.  Please do not set up your DNS as a
secondary as that would generate bogus zone transfer requests
to our actual primary name servers.

rbldnsd, which we highly recommend, only knows how to be
authoritative (primary) for the zones it serves, but if
you're also running BIND on the same server you'll need
to tell it to forward queries for the SURBL zone(s) to
the rbldnsd server.  This is described in the rbldnsd
documents under "Mirroring RBL zone files locally" at:

  http://www.surbl.org/links.html

Jeff C.
-- 
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/

Re: SURBL caching

Posted by Matt Kettler <mk...@evi-inc.com>.

At 06:45 AM 11/29/2004, Ronan wrote:
>what changes do i need to make to the local.cf site-wide configuration if 
>I am putting the SURBL zone files into my DNS?
>
>Am i right in saying that i really dont need to make much change (to 
>SA)  other than configuring the dns to act as a secondary to the surbl's dns??

To SA, the difference is irrelevant. SA just queries via the normal 
resolver, it doesn't care if the zones are locally hosted or not. Just make 
sure your /etc/resolv.conf points to a local DNS resolving server that 
actually has those zones slaved, or the transfer is more-or-less moot.

However, be sure that you've got your secondary setup done properly. Don't 
configure your DNS server to zone-transfer the SURBL zones without approval 
from the operators.

I know they generally prefer rsync transfers and have a form to request 
that service:
http://www.surbl.org/rsync-signup.html

If you've already done all that, then good job!