rbldns — an RBL source content DNS server using the UDP protocol
rbldns is a content DNS server that speaks the DNS/UDP protocol. It accepts DNS queries from hosts around the Internet, and responds with locally configured information. The queries ask about various IP addresses, taking the form of a reverse lookup, and responses show whether the addresses are on an RBL blacklist or whitelist.
When it starts, rbldns changes its root to the directory specified by the ROOT environment variable, and drops privileges to run as the user ID and group ID specified by the UID and GID environment variables. The latter can be set up with envuidgid(1).
Normally rbldns is run via a server program such as udp-socket-listen to listen for DNS/UDP queries from hosts around the Internet.
It understands the LISTEN_FDS environment variable convention for having an already-listening socket passed to it by such a program, and uses the last open file descriptor in the list that refers to a UDP/IPv4 socket. If no such open file descriptor is provided, it falls back to opening its own UDP/IPv4 socket, bound to port 53 of the IP address given by the value of the IP environment variable.
It does not handle DNS/TCP.
rbldns rejects zone-transfer requests, inverse queries, non-Internet-class queries, truncated packets, packets that contain anything other than a single query, query types other than A, TXT, or ANY, and queries for domain names not beneath the base domain name.
rbldns answers queries as specified by data.cdb, a binary file in its root directory created by rbldns-data(1).
The reverse lookup domain names take the form d.c.b.a.base, where a.b.c.d is the IP address being looked up and base is a domain name apex given by the value of the BASE environment variable.
A queries are answered with the IP address given in the file. TXT queries are answered with the message given in the file, replacing a final $ in the message, if one is present, with the IP address being asked about.
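The name format and answer rules above, worked through as an added example (this is not rbldns's own code): it builds the reverse-lookup name for an address, recovers the address from a query name only when the name lies beneath the base domain, and answers A, TXT and ANY from a constructed in-memory listing that stands in for data.cdb. The base domain rbl.example and the listed addresses are assumptions.

```python
import ipaddress

# Constructed stand-in for data.cdb: listed IPv4 address -> (A address, TXT message).
# A final '$' in the message is replaced with the address being asked about.
LISTING = {
    "192.0.2.10": ("127.0.0.2", "Listed by example RBL: $"),
}
ACCEPTED_QTYPES = {"A", "TXT", "ANY"}   # everything else is refused, as the page states


def reverse_name(ip, base):
    """Build the d.c.b.a.base lookup name for a dotted-quad IPv4 address."""
    a, b, c, d = str(ipaddress.IPv4Address(ip)).split(".")
    return f"{d}.{c}.{b}.{a}.{base}"


def parse_query_name(qname, base):
    """Return the IPv4 address encoded in qname, or None when the name is not
    beneath base or does not carry exactly four valid octet labels."""
    q = qname.lower().rstrip(".")
    b = base.lower().rstrip(".")
    if not q.endswith("." + b):
        return None                      # not beneath the base domain: refused
    labels = q[: -len(b) - 1].split(".")
    if len(labels) != 4:
        return None                      # not a d.c.b.a reverse-lookup name
    try:
        return str(ipaddress.IPv4Address(".".join(reversed(labels))))
    except ipaddress.AddressValueError:
        return None                      # labels are not octets (e.g. "256" or "x")


def answer(qname, qtype, base, listing=LISTING):
    """Answer a query the way the page describes; None means the query is refused,
    an empty dict means the address is simply not listed."""
    if qtype not in ACCEPTED_QTYPES:
        return None
    ip = parse_query_name(qname, base)
    if ip is None:
        return None
    entry = listing.get(ip)
    if entry is None:
        return {}
    addr, msg = entry
    records = {}
    if qtype in ("A", "ANY"):
        records["A"] = addr
    if qtype in ("TXT", "ANY"):
        records["TXT"] = msg[:-1] + ip if msg.endswith("$") else msg
    return records
```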