[These notes came from Rick Macdougall of nougen.com on 4 May 2004. Thanks Rick!]
FAQ for rbldnsd and dnscache
- Install rbldnsd as per instructions. If you are running FreeBSD you may use the ports collection to do this.
- Choose a directory to contain the rbl data you will be downloading or rsyncing from various servers. In our case I choose to use /usr/local/rbldnsd .
-
Set up and get working your rsync of the data and make sure it works correctly. A working cron job for surbl data is:
{value 0 - 59} * * * * root /usr/local/scripts/rsyncrbldnsd.shWhere the OS is FreeBSD and you are editing the /etc/crontab file. If you are using crontab -e root, please omit the root word in the above line.Please replace {value 0 - 59} with a number between 0 and 59, and to minimize the load on the surbl server, try not to use the same number on different servers.
Where rsyncrbldnsd.sh contains:
#!/bin/sh /usr/local/bin/rsync -t some_rsync_server::surbl/*.rbldnsd /usr/local/rbldnsd
Note: The above is all on one line, and you'll replace some_rsync_server with the actual rsync server name provided when you are granted access. (To get rsync access to the SURBL zone files, please fill out our rsync access form, and let us know the IP address you will be rsyncing from and the approximate number of incoming messages processed per day.) -
Get rbldnsd up and running. We run it under daemon tools. Create a new directory in /root (or wherever) called rbldnsd. In the rbldnsd directory, create a file called run with the following information:
#!/bin/sh exec /usr/local/sbin/rbldnsd -n -l +- -b
Save and exit, then make the file executable:ws.surbl.org:dnset:/usr/local/rbldnsd/ws.surbl.org.rbldnsd be.surbl.org:dnset:/usr/local/rbldnsd/be.surbl.org.rbldnsd sc.surbl.org:dnset:/usr/local/rbldnsd/sc.surbl.org.rbldnsd chmod 755 run
Then make a subdirectory called log inside /root/rbldnsd and edit a file called run, add the following information to it:#!/bin/sh exec /usr/local/bin/multilog t s5000000 n10 /var/log/rbldnsd
Save and exit, then make the shell script executable:chmod 755 run
Now cd to /rootmv rbldnsd /service
Your rbldnsd should now start within 5 seconds.Verify it is running with:
sleep 5; svstat /service/rbldnsd/
-
Get it working with dnscache. Here is the fun stuff:
cd /etc/dnscache/root/servers vi be.surbl.org
Add your IP that your rbldnsd server is running on to the file. The IP should match the IP added to /service/rbldnsd/run file in step 4Save and exit.
cp be.surbl.org sc.surbl.org cp be.surbl.org ws.surbl.org svc -t /service/dnscache
(or restart dnscache if you are not using daemontools).
You should now be running dnscache with it looking at your rbldnsd for the data of be, sc, and ws.surbl.org and looking at the root servers for all other data.
Editor's Notes:
- rbldnsd is much faster and more memory efficient than BIND. Therefore you will likely improve your mail processing performance by using rbldnsd to serve all of your RBL zone files. Many RBLs will grant rsync access to rbldnsd versions of their zones by request.
- It's no longer necessary to manually reload rbldnsd since by default it will automatically check for and load any changed zone files every 60 seconds. This can be adjusted with the -c command line argument.
- Like any name server, log files for rbldnsd queries can get quite large if generated. Be sure to use a log rotation method like the one above or by configuring newsyslog if you choose to keep logs.
[These notes came from Rick Macdougall of nougen.com on 4 May 2004. Thanks Rick!]
FAQ for rbldnsd and dnscache
- Install rbldnsd as per instructions. If you are running FreeBSD you may use the ports collection to do this.
- Choose a directory to contain the rbl data you will be downloading or rsyncing from various servers. In our case I choose to use /usr/local/rbldnsd .
-
Set up and get working your rsync of the data and make sure it works correctly. A working cron job for surbl data is:
{value 0 - 59} * * * * root /usr/local/scripts/rsyncrbldnsd.shWhere the OS is FreeBSD and you are editing the /etc/crontab file. If you are using crontab -e root, please omit the root word in the above line.Please replace {value 0 - 59} with a number between 0 and 59, and to minimize the load on the surbl server, try not to use the same number on different servers.
Where rsyncrbldnsd.sh contains:
#!/bin/sh /usr/local/bin/rsync -t some_rsync_server::surbl/*.rbldnsd /usr/local/rbldnsd
Note: The above is all on one line, and you'll replace some_rsync_server with the actual rsync server name provided when you are granted access. (To get rsync access to the SURBL zone files, please fill out our rsync access form, and let us know the IP address you will be rsyncing from and the approximate number of incoming messages processed per day.) -
Get rbldnsd up and running. We run it under daemon tools. Create a new directory in /root (or wherever) called rbldnsd. In the rbldnsd directory, create a file called run with the following information:
#!/bin/sh exec /usr/local/sbin/rbldnsd -n -l +- -b
Save and exit, then make the file executable:ws.surbl.org:dnset:/usr/local/rbldnsd/ws.surbl.org.rbldnsd be.surbl.org:dnset:/usr/local/rbldnsd/be.surbl.org.rbldnsd sc.surbl.org:dnset:/usr/local/rbldnsd/sc.surbl.org.rbldnsd chmod 755 run
Then make a subdirectory called log inside /root/rbldnsd and edit a file called run, add the following information to it:#!/bin/sh exec /usr/local/bin/multilog t s5000000 n10 /var/log/rbldnsd
Save and exit, then make the shell script executable:chmod 755 run
Now cd to /rootmv rbldnsd /service
Your rbldnsd should now start within 5 seconds.Verify it is running with:
sleep 5; svstat /service/rbldnsd/
-
Get it working with dnscache. Here is the fun stuff:
cd /etc/dnscache/root/servers vi be.surbl.org
Add your IP that your rbldnsd server is running on to the file. The IP should match the IP added to /service/rbldnsd/run file in step 4Save and exit.
cp be.surbl.org sc.surbl.org cp be.surbl.org ws.surbl.org svc -t /service/dnscache
(or restart dnscache if you are not using daemontools).
You should now be running dnscache with it looking at your rbldnsd for the data of be, sc, and ws.surbl.org and looking at the root servers for all other data.
Editor's Notes:
- rbldnsd is much faster and more memory efficient than BIND. Therefore you will likely improve your mail processing performance by using rbldnsd to serve all of your RBL zone files. Many RBLs will grant rsync access to rbldnsd versions of their zones by request.
- It's no longer necessary to manually reload rbldnsd since by default it will automatically check for and load any changed zone files every 60 seconds. This can be adjusted with the -c command line argument.
- Like any name server, log files for rbldnsd queries can get quite large if generated. Be sure to use a log rotation method like the one above or by configuring newsyslog if you choose to keep logs.
[These notes came from Rick Macdougall of nougen.com on 4 May 2004. Thanks Rick!]
FAQ for rbldnsd and dnscache
- Install rbldnsd as per instructions. If you are running FreeBSD you may use the ports collection to do this.
- Choose a directory to contain the rbl data you will be downloading or rsyncing from various servers. In our case I choose to use /usr/local/rbldnsd .
-
Set up and get working your rsync of the data and make sure it works correctly. A working cron job for surbl data is:
{value 0 - 59} * * * * root /usr/local/scripts/rsyncrbldnsd.shWhere the OS is FreeBSD and you are editing the /etc/crontab file. If you are using crontab -e root, please omit the root word in the above line.Please replace {value 0 - 59} with a number between 0 and 59, and to minimize the load on the surbl server, try not to use the same number on different servers.
Where rsyncrbldnsd.sh contains:
#!/bin/sh /usr/local/bin/rsync -t some_rsync_server::surbl/*.rbldnsd /usr/local/rbldnsd
Note: The above is all on one line, and you'll replace some_rsync_server with the actual rsync server name provided when you are granted access. (To get rsync access to the SURBL zone files, please fill out our rsync access form, and let us know the IP address you will be rsyncing from and the approximate number of incoming messages processed per day.) -
Get rbldnsd up and running. We run it under daemon tools. Create a new directory in /root (or wherever) called rbldnsd. In the rbldnsd directory, create a file called run with the following information:
#!/bin/sh exec /usr/local/sbin/rbldnsd -n -l +- -b
Save and exit, then make the file executable:ws.surbl.org:dnset:/usr/local/rbldnsd/ws.surbl.org.rbldnsd be.surbl.org:dnset:/usr/local/rbldnsd/be.surbl.org.rbldnsd sc.surbl.org:dnset:/usr/local/rbldnsd/sc.surbl.org.rbldnsd chmod 755 run
Then make a subdirectory called log inside /root/rbldnsd and edit a file called run, add the following information to it:#!/bin/sh exec /usr/local/bin/multilog t s5000000 n10 /var/log/rbldnsd
Save and exit, then make the shell script executable:chmod 755 run
Now cd to /rootmv rbldnsd /service
Your rbldnsd should now start within 5 seconds.Verify it is running with:
sleep 5; svstat /service/rbldnsd/
-
Get it working with dnscache. Here is the fun stuff:
cd /etc/dnscache/root/servers vi be.surbl.org
Add your IP that your rbldnsd server is running on to the file. The IP should match the IP added to /service/rbldnsd/run file in step 4Save and exit.
cp be.surbl.org sc.surbl.org cp be.surbl.org ws.surbl.org svc -t /service/dnscache
(or restart dnscache if you are not using daemontools).
You should now be running dnscache with it looking at your rbldnsd for the data of be, sc, and ws.surbl.org and looking at the root servers for all other data.
Editor's Notes:
- rbldnsd is much faster and more memory efficient than BIND. Therefore you will likely improve your mail processing performance by using rbldnsd to serve all of your RBL zone files. Many RBLs will grant rsync access to rbldnsd versions of their zones by request.
- It's no longer necessary to manually reload rbldnsd since by default it will automatically check for and load any changed zone files every 60 seconds. This can be adjusted with the -c command line argument.
- Like any name server, log files for rbldnsd queries can get quite large if generated. Be sure to use a log rotation method like the one above or by configuring newsyslog if you choose to keep logs.
[These notes came from Rick Macdougall of nougen.com on 4 May 2004. Thanks Rick!]
FAQ for rbldnsd and dnscache
- Install rbldnsd as per instructions. If you are running FreeBSD you may use the ports collection to do this.
- Choose a directory to contain the rbl data you will be downloading or rsyncing from various servers. In our case I choose to use /usr/local/rbldnsd .
-
Set up and get working your rsync of the data and make sure it works correctly. A working cron job for surbl data is:
{value 0 - 59} * * * * root /usr/local/scripts/rsyncrbldnsd.shWhere the OS is FreeBSD and you are editing the /etc/crontab file. If you are using crontab -e root, please omit the root word in the above line.Please replace {value 0 - 59} with a number between 0 and 59, and to minimize the load on the surbl server, try not to use the same number on different servers.
Where rsyncrbldnsd.sh contains:
#!/bin/sh /usr/local/bin/rsync -t some_rsync_server::surbl/*.rbldnsd /usr/local/rbldnsd
Note: The above is all on one line, and you'll replace some_rsync_server with the actual rsync server name provided when you are granted access. (To get rsync access to the SURBL zone files, please fill out our rsync access form, and let us know the IP address you will be rsyncing from and the approximate number of incoming messages processed per day.) -
Get rbldnsd up and running. We run it under daemon tools. Create a new directory in /root (or wherever) called rbldnsd. In the rbldnsd directory, create a file called run with the following information:
#!/bin/sh exec /usr/local/sbin/rbldnsd -n -l +- -b
Save and exit, then make the file executable:ws.surbl.org:dnset:/usr/local/rbldnsd/ws.surbl.org.rbldnsd be.surbl.org:dnset:/usr/local/rbldnsd/be.surbl.org.rbldnsd sc.surbl.org:dnset:/usr/local/rbldnsd/sc.surbl.org.rbldnsd chmod 755 run
Then make a subdirectory called log inside /root/rbldnsd and edit a file called run, add the following information to it:#!/bin/sh exec /usr/local/bin/multilog t s5000000 n10 /var/log/rbldnsd
Save and exit, then make the shell script executable:chmod 755 run
Now cd to /rootmv rbldnsd /service
Your rbldnsd should now start within 5 seconds.Verify it is running with:
sleep 5; svstat /service/rbldnsd/
-
Get it working with dnscache. Here is the fun stuff:
cd /etc/dnscache/root/servers vi be.surbl.org
Add your IP that your rbldnsd server is running on to the file. The IP should match the IP added to /service/rbldnsd/run file in step 4Save and exit.
cp be.surbl.org sc.surbl.org cp be.surbl.org ws.surbl.org svc -t /service/dnscache
(or restart dnscache if you are not using daemontools).
You should now be running dnscache with it looking at your rbldnsd for the data of be, sc, and ws.surbl.org and looking at the root servers for all other data.
Editor's Notes:
- rbldnsd is much faster and more memory efficient than BIND. Therefore you will likely improve your mail processing performance by using rbldnsd to serve all of your RBL zone files. Many RBLs will grant rsync access to rbldnsd versions of their zones by request.
- It's no longer necessary to manually reload rbldnsd since by default it will automatically check for and load any changed zone files every 60 seconds. This can be adjusted with the -c command line argument.
- Like any name server, log files for rbldnsd queries can get quite large if generated. Be sure to use a log rotation method like the one above or by configuring newsyslog if you choose to keep logs.
[These notes came from Rick Macdougall of nougen.com on 4 May 2004. Thanks Rick!]
FAQ for rbldnsd and dnscache
- Install rbldnsd as per instructions. If you are running FreeBSD you may use the ports collection to do this.
- Choose a directory to contain the rbl data you will be downloading or rsyncing from various servers. In our case I choose to use /usr/local/rbldnsd .
-
Set up and get working your rsync of the data and make sure it works correctly. A working cron job for surbl data is:
{value 0 - 59} * * * * root /usr/local/scripts/rsyncrbldnsd.shWhere the OS is FreeBSD and you are editing the /etc/crontab file. If you are using crontab -e root, please omit the root word in the above line.Please replace {value 0 - 59} with a number between 0 and 59, and to minimize the load on the surbl server, try not to use the same number on different servers.
Where rsyncrbldnsd.sh contains:
#!/bin/sh /usr/local/bin/rsync -t some_rsync_server::surbl/*.rbldnsd /usr/local/rbldnsd
Note: The above is all on one line, and you'll replace some_rsync_server with the actual rsync server name provided when you are granted access. (To get rsync access to the SURBL zone files, please fill out our rsync access form, and let us know the IP address you will be rsyncing from and the approximate number of incoming messages processed per day.) -
Get rbldnsd up and running. We run it under daemon tools. Create a new directory in /root (or wherever) called rbldnsd. In the rbldnsd directory, create a file called run with the following information:
#!/bin/sh exec /usr/local/sbin/rbldnsd -n -l +- -b
Save and exit, then make the file executable:ws.surbl.org:dnset:/usr/local/rbldnsd/ws.surbl.org.rbldnsd be.surbl.org:dnset:/usr/local/rbldnsd/be.surbl.org.rbldnsd sc.surbl.org:dnset:/usr/local/rbldnsd/sc.surbl.org.rbldnsd chmod 755 run
Then make a subdirectory called log inside /root/rbldnsd and edit a file called run, add the following information to it:#!/bin/sh exec /usr/local/bin/multilog t s5000000 n10 /var/log/rbldnsd
Save and exit, then make the shell script executable:chmod 755 run
Now cd to /rootmv rbldnsd /service
Your rbldnsd should now start within 5 seconds.Verify it is running with:
sleep 5; svstat /service/rbldnsd/
-
Get it working with dnscache. Here is the fun stuff:
cd /etc/dnscache/root/servers vi be.surbl.org
Add your IP that your rbldnsd server is running on to the file. The IP should match the IP added to /service/rbldnsd/run file in step 4Save and exit.
cp be.surbl.org sc.surbl.org cp be.surbl.org ws.surbl.org svc -t /service/dnscache
(or restart dnscache if you are not using daemontools).
You should now be running dnscache with it looking at your rbldnsd for the data of be, sc, and ws.surbl.org and looking at the root servers for all other data.
Editor's Notes:
- rbldnsd is much faster and more memory efficient than BIND. Therefore you will likely improve your mail processing performance by using rbldnsd to serve all of your RBL zone files. Many RBLs will grant rsync access to rbldnsd versions of their zones by request.
- It's no longer necessary to manually reload rbldnsd since by default it will automatically check for and load any changed zone files every 60 seconds. This can be adjusted with the -c command line argument.
- Like any name server, log files for rbldnsd queries can get quite large if generated. Be sure to use a log rotation method like the one above or by configuring newsyslog if you choose to keep logs.
[These notes came from Rick Macdougall of nougen.com on 4 May 2004. Thanks Rick!]
FAQ for rbldnsd and dnscache
- Install rbldnsd as per instructions. If you are running FreeBSD you may use the ports collection to do this.
- Choose a directory to contain the rbl data you will be downloading or rsyncing from various servers. In our case I choose to use /usr/local/rbldnsd .
-
Set up and get working your rsync of the data and make sure it works correctly. A working cron job for surbl data is:
{value 0 - 59} * * * * root /usr/local/scripts/rsyncrbldnsd.shWhere the OS is FreeBSD and you are editing the /etc/crontab file. If you are using crontab -e root, please omit the root word in the above line.Please replace {value 0 - 59} with a number between 0 and 59, and to minimize the load on the surbl server, try not to use the same number on different servers.
Where rsyncrbldnsd.sh contains:
#!/bin/sh /usr/local/bin/rsync -t some_rsync_server::surbl/*.rbldnsd /usr/local/rbldnsd
Note: The above is all on one line, and you'll replace some_rsync_server with the actual rsync server name provided when you are granted access. (To get rsync access to the SURBL zone files, please fill out our rsync access form, and let us know the IP address you will be rsyncing from and the approximate number of incoming messages processed per day.) -
Get rbldnsd up and running. We run it under daemon tools. Create a new directory in /root (or wherever) called rbldnsd. In the rbldnsd directory, create a file called run with the following information:
#!/bin/sh exec /usr/local/sbin/rbldnsd -n -l +- -b
Save and exit, then make the file executable:ws.surbl.org:dnset:/usr/local/rbldnsd/ws.surbl.org.rbldnsd be.surbl.org:dnset:/usr/local/rbldnsd/be.surbl.org.rbldnsd sc.surbl.org:dnset:/usr/local/rbldnsd/sc.surbl.org.rbldnsd chmod 755 run
Then make a subdirectory called log inside /root/rbldnsd and edit a file called run, add the following information to it:#!/bin/sh exec /usr/local/bin/multilog t s5000000 n10 /var/log/rbldnsd
Save and exit, then make the shell script executable:chmod 755 run
Now cd to /rootmv rbldnsd /service
Your rbldnsd should now start within 5 seconds.Verify it is running with:
sleep 5; svstat /service/rbldnsd/
-
Get it working with dnscache. Here is the fun stuff:
cd /etc/dnscache/root/servers vi be.surbl.org
Add your IP that your rbldnsd server is running on to the file. The IP should match the IP added to /service/rbldnsd/run file in step 4Save and exit.
cp be.surbl.org sc.surbl.org cp be.surbl.org ws.surbl.org svc -t /service/dnscache
(or restart dnscache if you are not using daemontools).
You should now be running dnscache with it looking at your rbldnsd for the data of be, sc, and ws.surbl.org and looking at the root servers for all other data.
Editor's Notes:
- rbldnsd is much faster and more memory efficient than BIND. Therefore you will likely improve your mail processing performance by using rbldnsd to serve all of your RBL zone files. Many RBLs will grant rsync access to rbldnsd versions of their zones by request.
- It's no longer necessary to manually reload rbldnsd since by default it will automatically check for and load any changed zone files every 60 seconds. This can be adjusted with the -c command line argument.
- Like any name server, log files for rbldnsd queries can get quite large if generated. Be sure to use a log rotation method like the one above or by configuring newsyslog if you choose to keep logs.
Data Feed Request
Our Data Feeds offer higher performance for professional users through faster updates and resulting fresher data. Freshness matters since the threat behavior is often highly dynamic, so Data Feed users can expect higher detection rates and lower false negatives.
The main data set is available in different formats:
Rsync and DNS are typically used for mail filtering and RPZ for web filtering. High-volume systems and non-filter uses such as security research should use rsync.
For more information, please contact your reseller or see the references in Links.
Sign up for Data Feed Access.
Sign up for data feed access
Direct data feed access offers better filtering performance with fresher data than is available on the public mirrors. Sign up for Data Feed Access.
Supported Applications
Learn more ...