Requirements
- djbdns, which provides the
rbldnsprogramm. - the system accounts
GrbldnsandGdnslog. - ?secure service setup via runit. This is facilitated by djbdns itself.
Optional:
Delegation
White/Blacklist DNS services must be delegated subdomains. We use
rbl.magma-soft.at for the MagmaSoft smtp blacklist. There is one
server running an rbldns instance on a public IP. The zone
data is managed from a central place.
&rbl.magma-soft.at:<IP>:rbldns.magma-soft.at
However, we shortcut resolution of the whitelist on the external dnscache:
echo <IP> > /etc/dnscachex/root/servers/rbl.magma-soft.at
Setup
sudo -i
rbldns-conf Grbldns Gdnslog /etc/rbldns <IP> rbl.magma-soft.at
cd /etc/rbldns
chgrp -R staff root
chmod -R g+w root
chmod g+sw root
tail -F log/main/current&
ln -s `pwd` /service
After verifying that the service started with a line like:
@400000005c2b7df728e15adc starting rbldns
the log viewer can be terminated.
Notes
Tests will only succeed with A and TXT queries on
#.#.#.#.wl.magma-soft.at, where#is 0 - 255. Any other query will not be answered byrbldns.The MagmaSoft rbl data files startes with the following two lines to comply with DNSxL
:127.0.0.1:https://support.magma-soft.at/en/rbl?ip=$ 127.0.0.2