Hmm that is a good idea to block the DOH queries but what I understood is blocking on perimeter level would be more appropriate.
On Wed, Oct 2, 2019 at 4:58 PM Daniel Stirnimann < [email protected]> wrote: > You cannot block DoH with RPZ but you can block bootstrapping DoH if the > web browser is configured to use "normal" DNS to lookup the DoH > endpoint. See also: > > https://github.com/bambenek/block-doh > > Daniel > > On 02.10.19 13:23, Blason R wrote: > > Hi Folks, > > > > Wondering if anyone has any clue or defining policies for blocking DoH > > [DND Over HTTPS] traffic using bind RPZ feature? > > > > Does anyone have any use case about it? > > > > Thanks and Regards, > > Blason R > > > > _______________________________________________ > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > > > bind-users mailing list > > [email protected] > > https://lists.isc.org/mailman/listinfo/bind-users > > >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
