Re: Can I tell unbound to forward all requests except for some domains?

I was able to use forward-zone: name: "spamhaus.org" forward-addr: 127.0.0.1@1053 # do not resolve spamhaus via public DNS resolvers Because I have a second non-forwarding unbound running on port 1053 for rspamd already (which has more or less the same issue, but which — unlike

Re: Can I tell unbound to forward all requests except for some domains?

I meant quad9 below, not cloud9. Apologies. Gerben Wierda (LinkedIn ) R IT Strategy (main site) Book: Chess and the Art of Enterprise Architecture Book: Mastering ArchiMate

Re: Can I tell unbound to forward all requests except for some domains?

No, this is about certain DNS servers not accepting queries from public resolvers, such as DNS servers that are used to disseminate information about bad actors. DNS blacklists and all that. My standard LAN resolver (unbound) forwards to cloud9 (9.9.9.9) so I am protected by their filtering

Re: Can I tell unbound to forward all requests except for some domains?

Yes, that is what I thought a while back, so I decided at the time to test with this: forward-zone: name: "apple.com." forward-addr: 8.8.8.8@53 # testing if I can forward based on fqdn forward-zone: name: "." # If the forwarding fails, do your own recursion

Re: Can I tell unbound to forward all requests except for some domains?

Hello, I think what you want is a Forward Zone. https://docs.netgate.com/tnsr/en/latest/dns/fwd-zone.html Thank you, Steven Original Message On Mar 4, 2022, 19:36, Gerben Wierda via Unbound-users wrote: > I am using unbound and it is configured to use cloud9 as a forwarder.

Can I tell unbound to forward all requests except for some domains?

I am using unbound and it is configured to use cloud9 as a forwarder. But spamhaus.org DNSBL will not answer requests for IP addresses from public DNS, such as cloud9. So, what I would like to do is configure unbound in such a way that it always goes to cloud9, except when the query is about