Power DNS has a ha proxy/load balancer that does dns over https. That way you're not limited to google's and cloudflare's dns servers which exist to drive advertising to you and give a single shource for tracking. dns over https: feh On Wed, Oct 2, 2019 at 5:28 PM Jay R. Ashworth <jra@baylink.com> wrote:
----- Original Message -----
From: "John Levine" <johnl@iecc.com>
In article <804699748.1254612.1570037049931.JavaMail.zimbra@baylink.com> you write:
Tools. Are. Neutral.
Any solution to a problem that involves outlawing or breaking tools will. Not. Solve. Your. Problem.
I think in the outside world you'll find very little support for an argument that filtering DNS is fundamentally broken.
Sure, you can do it in broken ways, but it's going to be really hard to persuade anyone that their lives are better if they have unfiltered access to the malware links in their spam.
I expect I would.
But this is not "filtering DNS". It's "making a bodge-handed attempt to REPLACE DNS (well, proxy it) for only one application/layer".
My problem isn't what they're using it for; it's that they've implemented it so poorly.
I live down here in the trenches, John, where "it doesn't work" is the calibre of problem reports I get. When my tools say that "yes, it does", *I'm* the one who takes it in the nads because Mozilla had a Better Fuckin' Idea.
That it will likely cause lots of 50,000ft problems to is just a cherry on the top.
Cheers, -- jra
-- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
-- --Curtis