Can an RPZ record be used for a non-existed domain?
Grant Taylor
gtaylor at tnetconsulting.net
Fri Mar 25 00:30:55 UTC 2022
On 3/24/22 4:34 PM, Carl Byington via bind-users wrote:
> Yes, the disconnect was my brain. I will try to plug that back in.
;-)
We've all had those days. Most of us will have them again.
> How do you do that in /etc/hosts?
It's been a while, so I'm relying on memory, a.k.a. lossy media.
/etc/hosts:
a.b.c.d outbound.example.com
Really that simple. Forward lookup would search names (right hand
side). Reverse lookup would search the IPs (left hand side).
Maybe this is somewhat dependent on the stub resolver library on the
system and / or the system itself. It's been 5-15 years since I've last
done this. It could be very likely that things were quite different 25
years ago.
> For some users, for some (possibly all) senders, we require that
> d.c.b.a.in-addr.arpa has some PTR record where the corresponding A
> record resolves back to a.b.c.d.
There is also a key difference in what you've said vs what I've said.
You seem to be using DNS specific terminology while I'm using host
generic name resolution. The former doesn't support /etc/hosts while
the latter does.
--
Grant. . . .
unix || die
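
The lookups described in the message above, as an added example (not part of the original post, and not how any particular stub resolver is implemented): it parses hosts-format text, searches names for forward lookups and addresses for reverse lookups, and applies the PTR-then-A round trip from the quoted requirement. The addresses, the STALE_PTR table and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data in /etc/hosts format (192.0.2.0/24 is a documentation range).
HOSTS = """\
192.0.2.25  outbound.example.com outbound
192.0.2.26  relay.example.com   # trailing comment
"""
# Constructed reverse-only view that disagrees with HOSTS for one address.
STALE_PTR = "192.0.2.99  outbound.example.com\n"

def parse_hosts(text):
    """Return [(address, [names])] from hosts-format text, skipping comments."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: ignore the line
        entries.append((ip, [n.lower().rstrip(".") for n in fields[1:]]))
    return entries

def forward(entries, name):
    """Forward lookup: search the names (right-hand side)."""
    name = name.lower().rstrip(".")
    return [ip for ip, names in entries if name in names]

def reverse(entries, addr):
    """Reverse lookup: search the addresses (left-hand side), return the first name."""
    ip = ipaddress.ip_address(addr)
    for entry_ip, names in entries:
        if entry_ip == ip:
            return names[0]
    return None

def forward_confirmed(rev_entries, fwd_entries, addr):
    """True if addr maps to a name and that name maps back to addr.

    With one hosts table used for both directions this holds for every listed
    address; it can fail when reverse and forward data are kept separately.
    """
    name = reverse(rev_entries, addr)
    if name is None:
        return False
    return ipaddress.ip_address(addr) in forward(fwd_entries, name)
```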