X-Git-Url: http://git.pk910.de/?a=blobdiff_plain;f=srvx.conf.example;h=8abac6f4d8f87fb7bc82f3cad2c67e1605e07bdf;hb=94ff95155752d6dafa5628bb973ebae8df3558fc;hp=0e112fc53b1ad715b286325dd53c93c7840946ab;hpb=fd97d015df8937cfc28e45709af65b2a8a7fa6be;p=srvx.git

diff --git a/srvx.conf.example b/srvx.conf.example
index 0e112fc..8abac6f 100644
--- a/srvx.conf.example
+++ b/srvx.conf.example
@@ -308,6 +308,34 @@
         "file_reason" "client is blacklisted";
         // How long should a blacklist G-line last?
         "gline_duration" "1h";
+        // If you want to use DNS blacklists, add them here:
+        "dnsbl" {
+            // This DNSBL zone does not exist - you'll have to pick your own.
+            "dnsbl.example.org" {
+                "description" "Example DNSBL entry";
+                "reason" "busted by a dns blacklist";
+                "duration" "1h";
+                // You can stick the client's IP in the G-line message.
+                "reason_2" "Example DNSBL reported %ip%'s address as 127.0.0.2";
+                // .. or the contents of a DNS TXT.
+                "reason_3" "%txt%";
+            };
+        };
+    };
+    "sar" {
+        // You generally will not want to override these defaults.
+        // "resolv_conf" "/etc/resolv.conf";
+        // "services" "/etc/services";
+        // "bind_address" "0.0.0.0";
+        // "bind_port" "0";
+        // The defaults for these are derived from the system config files (above).
+        // "domain" "example.org";
+        // "timeout" "3"; // base timeout for a DNS reply
+        // "retries" "3"; // number of times to retry on different servers or longer timeouts
+        // "ndots" "1";   // number of dots needed in a hostname to bypass search path
+        // "edns0" "0";   // if set, enable EDNS0 extended message sizes
+        // "search" ("example.org", "example.net");
+        // "nameservers" ("127.0.0.1");
     };
 };