High performance DNS server configuration?
Reindl Harald
h.reindl at thelounge.net
Thu Sep 15 15:53:07 UTC 2016
On 15.09.2016 at 17:19, Benny Pedersen wrote:
> On 2016-09-15 15:42, John Levine wrote:
>>> Problem is procmail + postfix with rbls (zen.spamhaus.org and others).
>>>
>>> Really big problem are spam botnets and some day we can get over 5-6
>>> million messages per day or even more.
>>>
>>> Procmail/postfix is doing every check per msg at localdns (localdns =>
>>> rbls) server and average check time is 1-2 sec per message and it's
>>> too much.
>>
>> I agree that bind is likely not the best DNS cache for this purpose.
>> You might look at unbound.
>
> i hear the opposite, unbound has dnssec issues that are not in bind

where?

> unbound would need forward first in forward zone else it serves stale
> data, since unbound misses forward only, i have no problem with bind there

besides it's not true (i remember your mail on the SA list pretending
that nonsense - read the docs and read this
https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=818 - exactly the
context where you pretended stale data because missing forward-first
statement which is nonsense)

for the task of the OP *no forwarding must happen* at all

you either do *only* forwarding for a zone - "forward first" would lead
to recursion too if no forwarding response - or you do recursion without
any forwarding

we talk about an inbound mailserver - nothing else