How big is "heavy, extensive blacklists" can get before they cause problems?I don't recommend using heavy, extensive blacklists as they consume a significant amount of memory.
For example, every ISP here in Poland is required by law (since 2017) to block gambling sites listed at https://hazard.mf.gov.pl/ - currently over 41k names and growing. All listed names are simple hosts (no wildcards or subdomains) - for each listed name the resolver has to return an A record pointing to 145.237.235.240 (which belongs to Ministry of Finances and shows a warning that it is illegal to use gambling sites that don't pay taxes).
I'm currently using PowerDNS (pdns-recursor) in a Debian x86-64 VM under XCP-NG, with the list converted to /etc/hosts format. There are also scripts to convert the list to MT built-in static DNS. Would such list of 41k hosts be considered too heavy for this resolver?
(Don't tell me it's a stupid idea - it was made by politicians...)
Statistics: Posted by marekm — Tue Feb 20, 2024 8:45 pm