From strenholme.usenet at gmail.com Tue Jun 1 12:50:52 2010 From: strenholme.usenet at gmail.com (Sam Trenholme) Date: Tue, 1 Jun 2010 11:50:52 -0500 Subject: Monthly announcement: I am looking for work in California Message-ID: Hello, users, I thank everyone for using my MaraDNS program and spreading the good word. People are free to use my program, for both personal and commercial use, free of charge, as well as any of the other programs or files in the MaraDNS tarball, under very liberal (2-clause BSD) terms ? you can even use MaraDNS commercially without being obligated to make source code available, as well as distributing modified versions of MaraDNS, either with or without source code. I would like everyone to know that I am returning to the United States on June 16, 2010, and am looking for work. Since most of my family and friends are in California, a job either anywhere in California or a remote tele-commuting job would be ideal. My resume is available here: http://samiam.org/resume/ If anyone has any potential leads, please contact me via private email. This is a monthly posting; if I do not find a job in June, I will post an announcement in early July. - Sam From cconn at abacom.com Mon Jun 14 17:02:44 2010 From: cconn at abacom.com (Chris Conn) Date: Mon, 14 Jun 2010 17:02:44 -0400 Subject: upstream_servers Message-ID: <4C1698F4.4000701@abacom.com> Hello, I am trying to forward DNS resolution requests to particular servers based on the domain. According to the docs this can be done. However, the config below does not; upstream_servers = {} upstream_servers["."] = "yyy.yyy.yyy.11,yyy.yyy.yyy.131" upstream_servers["cbl.abuseat.org."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" upstream_servers["dnsbl-1.uceprotect.net."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" upstream_servers["dnsbl-2.uceprotect.net."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" upstream_servers["dnsbl-3.uceprotect.net."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" upstream_servers["ips.backscatterer.org."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" upstream_servers["dnsbl.sorbs.net."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" upstream_servers["list.dnswl.org."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" upstream_servers["psbl.surriel.com."] = "xxx.xxx.xxx.2,xxx.xxx.xxx.40" if I run a ngrep on the xxx.xxx.xxx.2 and xxx.xxx.xxx.40 servers I do not see any DNS requests at all. If I check the yyy.yyy.yyy.11 and yyy.yyy.yyy.131 servers however, I continue to see requests for the defined domains being forwarded to them, along with every other DNS request. I see from the docs that upstream_servers["cl."] = "10.2.19.83" Should work. I imitated this for "com." and I do not see any requests on the servers in question either. I must be doing something fundamentally wrong or this simply doesn't work. Anyone care to point me in the right direction? Thanks, C. From strenholme.usenet at gmail.com Mon Jun 21 01:41:58 2010 From: strenholme.usenet at gmail.com (Sam Trenholme) Date: Sun, 20 Jun 2010 22:41:58 -0700 Subject: Upstream servers Message-ID: Chris, For the record, MaraDNS has had upstream_servers support for over eight years and no one else has ever reported this problem. If you are having difficulty with MaraDNS 1.0's recursive resolver, and you are only using upstream_servers[] but not root_servers[], the best way to resolve your problem is to use Deadwood, the codebase for MaraDNS 2.0's recursive resolver. Right now, Deadwood does not support root_servers[] (but I am very close to having that support--right now I'm working on getting glueless NS referrals to work), but it fully supports upstream_servers. Here is how I would resolve your issue: * Download Deadwood 2.5.02 from http://maradns.org/deadwood/stable/ * Install this program * Rename your mararc file to have the name dwood2rc. Depending on your mararc, you may or may not be able to use it as-is with Deadwood; I have gone to some effort to have Deadwood be mararc compatible, but there are a lot of mararc parameters (csv2, ipv4_alias, etc) which Deadwood does not support. * Once you have converted your mararc file, Deadwood should work fine. Please note that Deadwood does not support having authoritative zone files. Please also note that if you need to resolve names with IPs like 192.168.1.42, to set the filter_rfc1918 parameter. Let us know how Deadwood works for you. - Sam Note: I do not answer MaraDNS (including Deadwood) support requests sent by private email without being compensated for my time. A MaraDNS support request is any and all discussion you may wish to have about MaraDNS in private email; if you want to email me to talk about MaraDNS then, yes, that is a support request. I will discuss rates if you want this kind of support. Thank you for your understanding. MaraDNS security vulnerability reports, however, will be dealt with without charge and kept confidential. If you don't know what Bugtraq is, then, no, your email is not a security report. It is not a security report unless you've done due diligence to determine how the security bug you think you found can reasonably be exploited.