If it’s such a reasonable default, why don’t any of the public resolvers (e.g. 
1.1.1.1, 8.8.8.8, 9.9.9.9, etc.) do so?

Oh my, you walked right into that one.

https://www.quad9.net/service/threat-blocking/

https://blog.cloudflare.com/introducing-1-1-1-1-for-families/

I'm also surprised nobody seems familiar with Vixie's Response Policy Zones, a widely supported way to put DNS filtering rules into your own DNS cache.

https://www.first.org/resources/papers/aa-dec2021/Protective-DNS-a-Boris-Slides.pdf


Regards,
John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly

Reply via email to