DNS

Basic DNS Security

Post ported from old site.
 
Basic DNS(BIND9) Security -- and I do mean basic -- comes in the form of two simple options placed in your named.conf options {...} section.  The first is to turn off recursion and the second is to hide the bind version.
 
Why do we want to do these things?
 

Postfix: Fighting Spam using a Real-Time Block List (RBL)

     For those that administer postfix email servers that see high volumes of email, dealing with Spam can be quite a challenge. Initially I was relying on the server to do its own Spam checking with tools such as amavisd-new, spamassassin, etc. Which was working really well for the most part, but when the Spam volume gets high, performing all that processing, in the hundreds of thousands of emails, was putting unnecessary load on the server.