[Dnsmasq-discuss] Recursive warning ...
GrantC
grant_nospam@dodo.com.au
Fri, 18 Feb 2005 10:55:23 +1100
On Thu, 17 Feb 2005 17:15:56 +0200, you wrote:
>Greetings ...
>
> I have read in the mail list archive what a "refused to do a recursive
>query" is, but I'm lost.
>
> I think that either I have miss configured my installations of dnsmasq
>or I have a big problem with my network.
>
> I'm currently getting 100MB worth of DNS traffic a day, this might be
>because I'm using anti-spam DNS stuff, but I'm also getting about 20738
>of these warning ...
>
> Could I ask for some help to fix this.
The biggest offender IMHO is the ban by spam filters doing
reverse lookups for each hit on the machine -- try a different
approach: kill each nn.nn.nn.nn/24 IP block that sources spam
in the firewall -- I imagine it wouldn't take long to have your
very own reject set that will immensely reduce DNS traffic.
Then whitelist 'collateral damage' IPs, if any. Worth a try?
How soon will it be that DNS operators refuse or limit services
to sites that overload them? Perhaps that is happening now?
Cheers,
Grant.