I have a Bind9 instance acting as a caching (forwarding) name server for a group of mail servers.
Basically it queries a few specific upstream nameservers only when the domains aren't in the cache.
This name server is not authoritative for any domain (there are no zones).
I would like to use this Bind instance to 'blacklist' a few domains, similar to a DNSBL; I'd like to simply return 'NXDOMAIN' for domain 'bad.example.com'.
How can I do this?
I don't need any complex rbld or similar, it's just going to be for a few domains that I don't want anything to do with.
Relevant named.conf options:

    options {
        forwarders {
            8.8.8.8;
            1.2.3.4;
            5.6.7.8;
        };
    };

Best Answer
You could add the blacklisted domains in named.conf as a zone directive.

    zone "bad.example.com" { type master; file "bad_domains"; };

Then create bad_domains zonedata with only a SOA record in it.

Regards, jgr
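
The answer's approach, generalized to a list of domains, as an added example that is not part of the original answer: it emits one zone statement per blocked name, all sharing the bad_domains file, and rejects entries that are not plain hostnames so that a list entry cannot inject named.conf syntax. The NS record (named will not load a zone without one at the apex), the localhost names, the timer values, the sample list and the function names are assumptions of this example.

```python
import re

ZONE_FILE = "bad_domains"  # file name taken from the answer above
# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

# Constructed sample blocklist, including a duplicate and a hostile entry.
SAMPLE = ["bad.example.com", "Spam.Example.NET.", 'evil"; }; options {',
          "", "-bad.example.com", "bad.example.com"]

def normalize(domain):
    """Return the lower-cased name without its trailing dot, or None if invalid."""
    name = domain.strip().lower()
    if name.endswith("."):
        name = name[:-1]
    if not name or len(name) > 253:
        return None
    if not all(_LABEL.fullmatch(label) for label in name.split(".")):
        return None  # quotes, braces, spaces etc. never reach named.conf
    return name

def zone_stanzas(domains):
    """named.conf zone statements: one per valid name, deduplicated and sorted."""
    names = sorted({n for n in map(normalize, domains) if n})
    return "".join(
        f'zone "{n}" {{ type master; file "{ZONE_FILE}"; }};\n' for n in names
    )

def zone_file(serial=1):
    """Shared zone data; '@' expands to whichever zone loads the file."""
    return (
        "$TTL 3600\n"
        f"@ IN SOA localhost. hostmaster.localhost. ( {serial} 3600 900 604800 3600 )\n"
        "@ IN NS localhost.\n"  # assumption: added so that named loads the zone
    )

if __name__ == "__main__":
    print(zone_stanzas(SAMPLE), end="")  # include this output from named.conf
    print(zone_file(), end="")           # contents of the bad_domains file
```

With this zone data, names below a blocked domain get NXDOMAIN, while the blocked name itself exists as a zone apex and returns an empty NOERROR answer for record types other than SOA and NS.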