Hello,
I have setup a DNS server for a domain that will host a mail server. I am using BIND 9. I have it setup and working just fine. I've been reading that I should disable recursion in order to secure the nameserver. If I do that though, my mail server is no longer able to send mail out to the Internet because it cannot resolve the other domain names. In the global section of named.conf, I have the following:
options {
...<option1>
...<option2>
recursion no;
allow-recursion { 127.0.0.1; 192.168.0.0/16; 154.144.132.3; };
};
Is this the right setup, or should I be doing something different?
I have setup a DNS server for a domain that will host a mail server. I am using BIND 9. I have it setup and working just fine. I've been reading that I should disable recursion in order to secure the nameserver. If I do that though, my mail server is no longer able to send mail out to the Internet because it cannot resolve the other domain names. In the global section of named.conf, I have the following:
options {
...<option1>
...<option2>
recursion no;
allow-recursion { 127.0.0.1; 192.168.0.0/16; 154.144.132.3; };
};
Is this the right setup, or should I be doing something different?