DoH plugin for BIND
h.reindl at thelounge.net
Sat May 2 13:38:22 UTC 2020
Am 02.05.20 um 15:30 schrieb Paul Kosinski via bind-users:
> How many ISPs allow traffic on port 25? My impression is that even many
> (non-enterprise) business customers can't use port 25.
that can be easily answered by just look at your inbound MX and the
amount of dul.dnsbl.sorbs.net and pbl.spamhaus.org hits
until the large botnet was killed a few months ago this was majority of
*all* mail traffic which wouldn't have been possible all the years by
current month blocked at postscreen level:
[root at mail-gw:~]$ cat maillog | grep spamhaus.org | grep -P
"127.0.0.(10|11)" | wc -l
until this year it was 10 times more
blocked by contentfilter: 134
honeypot hits: 5206
> On Sat, 2 May 2020 09:28:54 +0200
> Reindl Harald <h.reindl at thelounge.net> wrote:
>> Am 02.05.20 um 09:00 schrieb Michael De Roover:
>>> That's actually my biggest concern with DoH, ISP blocking. It doesn't
>>> seem as obvious as it is with DoT, but deep packet inspection (DPI) is
>>> already a thing. Don't expect an ISP that wants to block DoT to not
>>> (want to) block DoH either. The crux of the problem at that point is not
>>> the technology, it is the ISP's incentives. If the ISP wants to block
>>> DoT for whatever reason, personally I'd consider it.. not exactly fine
>>> but at least their right to do so. That's their decision to make.
>> that seems to be some US attitude, no wonder what happens there with
>> user attitudes like "but at least their right to do so"
>> the ISP by definition has exactly one right: get money for his service
>> which is described as "route and transfer every package, don't look at
>> it, don't mangle it, you have no business about the content of my traffic"
More information about the bind-users