DoH plugin for BIND

Noel Butler noel.butler at ausics.net
Sat May 2 23:59:59 UTC 2020 

On 03/05/2020 02:17, Sten Carlsen wrote:

> About mail servers from residential IPs. I have done that for a number of years, very rarely any issue.

Most SP's do this 

> The major problem was that at one time MS required a reverse lookup for the actual mail server name.

Many SP's still do this, some take it the extra mile and block anything
with things like  cpe/dsl/cable/hfc/dyn/ppp... etc 
in the hostname, we still do it, have done for over 20 years and seen no
collateral damage. 

> . 
> In my part of the world it is very bad taste for an ISP to block anything, its not their business.

Ordinarily, I agree, but the overall security and protection of the
network must come first, the protection of teh majority must come first.
 Then there's the law, in Australia we are required as part of the
outcome of the iinet V hollywood, to block pirate sites, 99% do this by
DNS, the Federal court accepts this method, the Federal court knows it
can be avoided by most 8yos in under 10 seconds, its the sweet spot
everybody agreed to so they approved it. 

There are also other laws that require its use as well.  That said we
dont block any ports and have no intention of. 

That said, DoH is fairly pointless here because there is no requirement
to log DNS queries, most of us have far better things to do than to know
who's going where, none that I know do it, though there is a question of
Telstra mobile 

lets face it, if we really want to know whos going where, netflow tells
us a whole lot more anyway 

-- 
Kind Regards, 

Noel Butler 

 		This Email, including attachments, may contain legally privileged
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate any part of
this message without the authors express written authority to do so. If
you are not the intended recipient, please notify the sender then delete
all copies of this message including attachments immediately.
Confidentiality, copyright, and legal privilege are not waived or lost
by reason of the mistaken delivery of this message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200503/d378d3e4/attachment-0001.htm>

More information about the bind-users mailing list