Tue, 14 Jun 2016 17:53:25 -0500 "Ted Wynnychenko" <ted....@comcast.net>
> > How are you identifying connections to block?
>
> I block connections based on a list from malwaredomains.com. A script runs
> nightly that downloads the list/changes, creates zone files, and reloads
> unbound/nsd. The "blocked" zone files point those domains at an internal
> (10.0.x.x) IP address.
Have you considered an allow list instead (semi-evil grin, no really)? Please do not get offended by the idea which might be a lot less work. Then you could just transparently relay & not worry about it any more.
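The sinkhole setup Ted describes (a domain list turned into zones that answer with an internal address) as an added example; this is not Ted's script, and it assumes a one-domain-per-line list with `#` comments, emits unbound `local-zone`/`local-data` lines rather than nsd zone files, and uses a hypothetical sinkhole address 10.0.0.53. It also adds the checks a practitioner wants before a nightly reload: a malformed entry such as a bare TLD or an IP address is skipped rather than redirecting the whole namespace, and a non-internal sinkhole address is refused.

```python
import ipaddress
import re

SINKHOLE_IP = "10.0.0.53"  # hypothetical address inside the internal 10.0.x.x range
# One DNS label: 1-63 chars, alphanumerics/hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def normalize_domain(entry):
    """Canonical lowercase domain, or None if the line must be skipped: comments,
    IP addresses and bare TLDs are rejected so one bad line cannot hijack everything."""
    name = entry.split("#", 1)[0].strip().lower().rstrip(".")
    if not name or len(name) > 253:
        return None
    try:
        ipaddress.ip_address(name)  # an address is not a zone name
        return None
    except ValueError:
        pass
    labels = name.split(".")
    if len(labels) < 2:  # "com" would sinkhole everything below it
        return None
    if not all(_LABEL.match(label) for label in labels):
        return None
    return name

def build_sinkhole_zones(list_text, sinkhole_ip=SINKHOLE_IP):
    """Turn a one-domain-per-line list into unbound local-zone/local-data lines.
    'redirect' answers for the name and everything under it, so a listed apex
    also catches its subdomains.  A non-internal sinkhole address is refused."""
    ip = ipaddress.ip_address(sinkhole_ip)
    if not ip.is_private:
        raise ValueError("sinkhole address must be an internal address")
    seen, lines = set(), []
    for raw in list_text.splitlines():
        name = normalize_domain(raw)
        if name is None or name in seen:
            continue
        seen.add(name)
        lines.append('local-zone: "%s." redirect' % name)
        lines.append('local-data: "%s. A %s"' % (name, ip))
    return lines

# Constructed sample list; not real malwaredomains.com data.
SAMPLE_LIST = """# comment line
Bad.Example.COM
bad.example.com.
com
192.0.2.1
evil.example.net   # trailing comment
"""
```

Write the returned lines to a file pulled in from unbound.conf with `include:` and reload with `unbound-control reload`; duplicate and case-variant entries collapse to one zone.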