[CentOS] Apparent BIND problem doing RBL lookups for Postfix

Thu Apr 15 18:22:53 UTC 2010
listserv.traffic at sloop.net <listserv.traffic at sloop.net>

> Check out the following bug report. I would also look at other bind bug
> reports. My sense is that redhat has deviated quite a bite from the ISC
> version of bind. In particular I believe that they disabled or otherwise
> modified the caching behavior back about 6-8 months ago when there were
> major security issues with bind. I have felt that my Red Hat/Centos name
> servers have not worked as well as Fedora or ISC bind name servers since
> this time. You might try installing ISC bind and see if that solves your
> problem.

> https://bugzilla.redhat.com/show_bug.cgi?id=553334

> Nataraj

Interesting - though in our case it's failing long before a few
million lookups. I don't much relish compiling ISC versions to run on
my box - the security implications and other hassles don't seem
trivial. [We don't allow external [the world] lookups - just local
"trusted" users, but that only mitigates some of the security concerns.]

Perhaps it's possible to use an older version that's security
patched. Ugh.