RE: Death By DNS
I never mentioned this before, but these extra lookups can be like firecrackers going off. I do three types of DNS lookups:
(1) basic RBL checking of sending server's IP address using sbl-xbl.spamhaus.org
(2) content RBL lookup for domains and IP addresses using multi.surbl.org
(3) content RBL lookup for IP addresses (not domains) using sbl-xbl.spamhaus.org
(BTW - Does anyone have a "feel" for sbl-xbl.spamhaus.org and false positives. I wonder sometimes if that particular RBL list is too strict?)
Anyway, the second and third of these two levels can sometimes cause several DNS lookups per one singe message.
Eventually, I noticed that my server was slowing down. Web sites were being served slower.
Also, my mail server software is NOT know for robustness and several articles on their user's group site mention that it falters if the DNS server is slow or has any problems.
So I thought... could there be a connection?
My next "project" was to then improve the DNS caching on my Windows 2000 server. I tried to tweak the client DNS caching, but with little success/options. Next, I looked into installing the full Windows 2000 DNS service... but I'm not a network engineer and the settings seemed strange and the instructions confusing.
Finally, I found the answer. I found a 3rd party "caching" DNS server which works great for my purposes.
It has a lot of good features, like saving cached DNS data between reboots.
You can find this software here:
After installing it, I notice that web sites on my server which were taking about 2 extra seconds longer to load than they used to take started flashing across the screen instantaneously.
I know that my conclusions about this are not scientific, but its hard to argue with results.
Rob McEwen
Hi Rob, At 11:34 27-07-2004, Rob McEwen wrote:
I never mentioned this before, but these extra lookups can be like firecrackers going off. I do three types of DNS lookups:
[snip]
(3) content RBL lookup for IP addresses (not domains) using sbl-xbl.spamhaus.org
(BTW - Does anyone have a "feel" for sbl-xbl.spamhaus.org and false positives. I wonder sometimes if that particular RBL list is too strict?)
The RBL is not too strict. It does however cause false positives. This only affects customers relaying off your mail server.
Also, my mail server software is NOT know for robustness and several articles on their user's group site mention that it falters if the DNS server is slow or has any problems.
If the DNS server is slow, it will cause problems. If you are going to use DNS based blacklists, you should have a reliable DNS server.
Regards, -sm
-
Rob McEwen -
SM