You cannot block DoH with RPZ but you can block bootstrapping DoH if the web browser is configured to use "normal" DNS to lookup the DoH endpoint. See also:
https://github.com/bambenek/block-doh Daniel On 02.10.19 13:23, Blason R wrote: > Hi Folks, > > Wondering if anyone has any clue or defining policies for blocking DoH > [DND Over HTTPS] traffic using bind RPZ feature? > > Does anyone have any use case about it? > > Thanks and Regards, > Blason R > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
