From owner-freebsd-isp Thu Aug 2 9:29:18 2001 Delivered-To: freebsd-isp@freebsd.org Received: from ovbis10.ovb.ch (ovbis10.ovb.ch [195.65.24.140]) by hub.freebsd.org (Postfix) with ESMTP id 3188737B405 for ; Thu, 2 Aug 2001 09:29:16 -0700 (PDT) (envelope-from maillist@ovb.ch) Received: from ovb03.ovb.ch ([212.55.213.11]) by ovbis10.ovb.ch with asmtp (Exim 3.31 #1) id 15SLLW-0005tK-00 for isp@freebsd.org; Thu, 02 Aug 2001 18:29:14 +0200 From: Oliver von Bueren To: isp@freebsd.org Subject: bind configuration for rbl - deny forward access through my server Date: Thu, 02 Aug 2001 18:29:28 +0200 Message-ID: X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Authenticated-Id: ovb Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Good'day. I'm using a FreeBSD server for mail processing, which has also a DNS server running (bind 8.2.x out of -stable). As we use the rbl-Lists from mail-abuse.org to filter inbound traffic and as of now the access to this list is no more free, I need a way to deny access to these zones through my dns server, which in turn has access to the rbl-dns-servers. I have tried the following in named.conf: zone "relays.mail-abuse.org" { type stub; file "s/relays.mail-abuse.org"; transfer-source my.address.registered.with.maps; allow-query { localhost; }; masters { some-master-servers; }; }; My goal was to prevent queries to any address in relays.mail-abuse.org and "below", meaning 2.0.0.127.relays.mail-abuse.org as an example. The access to relays.mail-abuse.org gets denied to any host other than the local host but all the addresses "below" get processed as usual. BTW: I can't restrict access to the server in general, it's used otherwise too. Any hint's on that? Oliver To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message