[Dnsmasq-discuss] Feature suggest: combine --bogus-nxdomain
Allen Coates
dnsmasq.info at cidercounty.org.uk
Fri Mar 13 10:55:25 GMT 2015
On Wed, 11 Mar 2015 09:52:19 +0800 Chen Wei wrote:
> so the return status of "dig badass.com" will be NXDOMAIN?
Unfortunately not. My "trick" suggests a different method of keeping
bad hosts at bay.
It creates a SPAMHAUS type blacklist, and is used in the context of an
inbound connect request to a server.
The server makes a DNS call to the blacklist, giving an IP address (or
host name) and asking "who is this guy?"
The blacklist responds "he is a nuisance, keep him out" or "I have no
information".
The system is used extensively in mail servers and spam filters, which
is where I am using my blacklist.
Hope this helps
allen C
More information about the Dnsmasq-discuss
mailing list