[SURBL-Discuss] SURBLs in main domain DNS

Jeff Chan jeffc at surbl.org
Wed Nov 24 11:10:14 CET 2004

On Wednesday, November 24, 2004, 1:18:47 AM, Ronan Ronan wrote:
> hi all,
>   new to the list
> :D

Welcome to the list and SURBLs!

> I have a question. I'm running SA and using the SURBLs as part of it on 
> a domain serving 100,000+ daily. I've decided to take the local DNS cache 
> of the SURBL files and had a look at the documentation for rbldnsd etc. 
> Now I just had a word with one of the network guys who suggested that 
> instead of me re-inventing the wheel by using our domain dns to point to 
> a local rbldnsd machine hosting the SURBL files that I simply just put 
> them onto the main DNS.

> I presume there is nothing wrong with that, or would there be any 
> strange consequences? Is there anything else I should know before I go 
> ahead?

It sounds like you're considering using the BIND versions
of the zone files instead of rbldnsd.  Is that right?
If so, it's possible to do, but....

It's probably worth noting that the largest and most
useful zone file (and probably the only one you actually
need) multi.surbl.org is about 10 megabytes.  It's
possible to serve it up using BIND, but it will
consume MUCH more memory and CPU in BIND than in
rbldnsd.  We very strongly recommend rbldnsd for
serving up rbl zone files.

Here's top from a server serving up both BIND and
rbldnsd versions of significantly the same files
(though the rbldnsd is answering far more queries):

last pid: 58443;  load averages:  0.08,  0.14,  0.16   up 13+18:57:46  02:07:58
28 processes:  2 running, 26 sleeping
CPU states:  0.8% user,  0.0% nice,  0.4% system,  0.0% interrupt, 98.8% idle
Mem: 261M Active, 152M Inact, 50M Wired, 27M Cache, 61M Buf, 12M Free
Swap: 1499M Total, 160K Used, 1499M Free

77905 root       2   0   175M   174M select 371:10  0.00%  0.00% named
  492 rbldns     2   0 14788K 14040K RUN     50:29  0.00%  0.00% rbldnsd

As you can see, BIND is using more than ten times
as much memory and much more CPU time than rbldnsd.
Though the servers may have been restarted at different
times, all were started enough days ago that the
difference is very real. The difference in CPU time
is actually larger than shown since BIND was started
more recently.

Jeff C.
"If it appears in hams, then don't list it."
