On Feb 9, 2007, at 3:10 PM, John Levine wrote:
I'm not sure what the discussion about zone transfers is all
about. I
don't think many DNSBLS support real DNS zone transfers anymore.
Until recently, MAPS distributed its DNSBLs by AXFR and IXFR. If you
happen to have a DNS server that does IXFR, it's not a bad way to do
DNS updates. If you don't (like me), AXFR is dreadful.
MAPS recently changed their setup and now tell me just to query their
servers via a long name that includes a hash of my account number,
which I do via a funky local cache that reformats the data on the fly
into something easier for my mail servers to use. I don't know of
anyone who distributes DNSBLs other than by rsync or FTP of files of
CIDR ranges.
... which is a shame, as they're both really bad ways of doing it, but
they work, they're easy to kludge together from existing tools and
scale way better than AXFR.
I have seen a couple of blacklists fairly recently that do still use
AXFR, but
they were way, way out in the long tail - probably entirely unused
by anyone other than their operators. If they ever became popular
their operators would switch to rsync pretty quickly, I suspect.
Cheers,
Steve
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg