Block use-application-dns.net from DNS resolve

Hi, i’ve tried adding host entries for use-application-dns.net (https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet) and that didn’t fix the problem … dooh! of course it wouldn’t, with 2 secs thought.

I believe I can add non-resolvable domains to the DNS proxy command line … can you advise what to add where?

Thanks
David

apologies for the noise. Some searching found the answer:

create a file /etc/unbound/local.d/block_bad.conf
with:
local-zone: "use-application-dns.net" always_nxdomain
You can also add:
harden-below-nxdomain: yes

if you want belt-and-braces.

save that and restart unbound.

1 Like