> Thanks Alan, I'll try to do more research and I really like to hear from > you or anyone else about better solutions if possible.
I think your best solution is to not try to play traffic cop with DNS. If "customers" don't want their users to access XYZ, let THEM run a proxy or firewall that filters out traffic to/from XYZ. You are always going to be playing "catch-up" and people will always find ways to work around your "solution". Good luck, AlanC
signature.asc
Description: OpenPGP digital signature
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
