|
Serving RBLDNSD through Bind on one machine.
This configuration has been designed to provide a simple easily maintained and tested link with either Bind8 or Bind9. It assumes you are only interested in the link between rbldnsd and bind, the exact zones and content are dealt with elsewhere.
-
Create a link from the rbldnsd config file to your RBL home directory
You will need to locate it since we don't know your OS. The file is named 'rbldnsd' and defines a system variable 'RBLDNSD'. It should be in the default system configuration area (ie /etc/default/rbldnsd, /etc/sysconfig/rbldnsd, /etc/conf.d/rbldnsd).
<![CDATA[ln -s <file location>/rbldnsd /var/lib/rbldns/rbldnsd]]>
-
Alter /var/lib/rbldns/rbldnsd to contain
<![CDATA[ RBLDNSD="- -r/var/lib/rbldns -b127.0.0.3 \
zone.example.com:ip4set:datafile.txt
"
]]>
-
Create /var/lib/rbldns/datafile.txt
<![CDATA[ $TTL 10s
:127.0.0.2:
127.0.0.0/8 Okay it works.
!127.0.0.1
]]>
-
Create /var/lib/rbldns/bind.zones
<![CDATA[ zone "zone.example.com" IN {
type forward;
forward first;
forwarders { 127.0.0.3; };
};
]]>
-
Alter /etc/bind/named.conf adding at the end
<![CDATA[include "/var/lib/rbldns/bind.zones";]]>
-
Do a full restart of rbldnsd and check that no errors occured
Check: host -t TXT 2.0.0.127.zone.example.com 127.0.0.3
Expect: "Okay it works."
-
Do a full restart of bind and check that no errors occured.
Check: host -t TXT 2.0.0.127.zone.example.com
Expect: "Okay it works."
Common oversights:
- rbldnsd zone data file is in the wrong place.
- rbldnsd zone data file is empty when testing.
- rbldnsd does not have read access to zone datafile.
- bind RBL zone is covered by a wildcard (*) in a parent zone on the same server.
(this will override the forward zone at random intervals based on query patterns)
- bind or rbldnsd can't connect to their assigned ip/port.
- bind cachec contains bad data when testing
|