> This has been already implemented in any Bind9 as:
>
> options {
> auth-nxdomain no;
> };
Um, huh? How does that have anything to do with blocking DNS hijacking?
"auth-nxdomain no" means "do not set the Authoritative Answer bit on
NXDOMAIN results". The "dickheads" patch says "the following IP addresses
are DNS hijacking servers, so translate any A query that returns them
to NXDOMAIN".
Did something get mixed up?
Thank you!
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
