The dnsreflector daemon listens for DNS queries on a local UDP port and answers with records pointing back to localhost. Combined with OpenBSD's packet filter pf(4) this works as a bandwidth efficient spamtrap. Source repository at GitHub.

PF Setup

	table <spamd> persist
	pass in proto udp from <spamd> to any port 53 rdr-to port 53000


	dnsreflector [-d] [-a address] [-p port]

	-d           Run as daemon in the background
	-a address   Bind to this address (default:
	-p port      Bind to this port (default: 53000)
	-i address   Answer with this IP instead of

This program was written and tested with OpenBSD. If you are interested in running dnsreflector on another platform, please contact me . On popular demand I made a diff to compile dnsreflector with Linux (tested on SuSE). You will need a facility to redirect DNS queries coming from blacklisted hosts to dnsreflector.


Release 1.03. Add -i option (wanted by captive portal owners) and fix regression on current OpenBSD
Dnsreflector is now included in the OpenBSD ports tree (at net/dnsreflector).
Release 1.02. FIX: Install manpage to correct location.
Release 1.01. Initial release.
Please ignore these hidden links for harvesters and spambots