Question about BIND and RPZ
Felipe Arturo Polanco
felipeapolanco at gmail.com
Sat Aug 4 13:52:51 UTC 2018
Hi,
I have a question regarding BIND and its RPZ functionality.
We are using a DNS provider that blocks malware by returning an NXDOMAIN
response back whenever a match is found.
The way they differentiate between real non-existent websites vs malware
sites is by turning off the 'recursion available' bit in the NXDOMAIN
response, non-existent sites do have this bit turned on.
Is there a way to match this flag in an RPZ policy to redirect malware
sites response to a wall garden website while not matching real
non-existent websites?
Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180804/a7f52103/attachment.html>
More information about the bind-users
mailing list