DoH plugin for BIND

Reindl Harald h.reindl at
Sat May 2 13:38:22 UTC 2020

Am 02.05.20 um 15:30 schrieb Paul Kosinski via bind-users:
> How many ISPs allow traffic on port 25? My impression is that even many
> (non-enterprise) business customers can't use port 25.

that can be easily answered by just look at your inbound MX and the
amount of and hits

until the large botnet was killed a few months ago this was majority of
*all* mail traffic which wouldn't have been possible all the years by
your conclusion


current month blocked at postscreen level:

[root at mail-gw:~]$ cat maillog | grep | grep -P
"127.0.0.(10|11)" | wc -l

until this year it was 10 times more


delivered: 1371
blocked by contentfilter: 134
honeypot hits: 5206

> On Sat, 2 May 2020 09:28:54 +0200
> Reindl Harald <h.reindl at> wrote:
>> Am 02.05.20 um 09:00 schrieb Michael De Roover:
>>> That's actually my biggest concern with DoH, ISP blocking. It doesn't
>>> seem as obvious as it is with DoT, but deep packet inspection (DPI) is
>>> already a thing. Don't expect an ISP that wants to block DoT to not
>>> (want to) block DoH either. The crux of the problem at that point is not
>>> the technology, it is the ISP's incentives. If the ISP wants to block
>>> DoT for whatever reason, personally I'd consider it.. not exactly fine
>>> but at least their right to do so. That's their decision to make.   
>> seriously?
>> that seems to be some US attitude, no wonder what happens there with
>> user attitudes like "but at least their right to do so"
>> the ISP by definition has exactly one right: get money for his service
>> which is described as "route and transfer every package, don't look at
>> it, don't mangle it, you have no business about the content of my traffic"

More information about the bind-users mailing list