Need feedback on RPZ service setup

Tony Finch dot at
Thu Jan 5 23:53:26 UTC 2017

> On 5 Jan 2017, at 22:09, Lars Kulseng <larskulseng at> wrote:
>  Any other thoughts on the naming of the zone? If I wanted to obfuscate the name, I could use a reserved TLD like .test or .invalid. This would never appear in the wild.

Ah. Well. You explained your reason for obfuscating the zone name very clearly in your previous message, and given the premises you started from, you came to a plausible conclusion. So, because I didn't want to argue about your premises, I didn't have any further point to make. But, since you asked...

I think that if you are in the business of making judgments about whether people should or should not be able to resolve a domain name, you should be completely open and honest about what you are doing and why. Instead of hiding away from feedback, you should have a clear bug report and feedback channel.

The job you are taking on for yourself is all about telling people they are bad and wrong. They will get upset about that. You have to be prepared to deal with their anger in a fair and reasonable manner.

f.anthony.n.finch  <dot at>

More information about the bind-users mailing list