Next brainstorm run.
The returned bad domain list have to be compared to what original given as section of an list or a whole list. This to avoid advertisers to use this mechanism to ‘whitelist’ themselves on a domain blocklist.
‘Whitelisting’ can also work then on the influx side. An advertiser can poison blocklists with lots of domains that will return nxdomain/errors because they are controlling the authoritative DNS for that domain.
So the bad domain list, can only have separate domains and can’t be condensed in a regex filter.
What can be put in a regex filter, are Databased domains like
r1---sn-5hne6nlk.googlevideo.com and this would be the best a static file. Such a list can filter the blocking lists on it’s way into gravity directly and also the OD-Domains (Out Dated Domains) list. The result is the same.
Google syndication would also end up in my
regex.list so it will be blocked completely.
I mentioned earlier Qname to check OD-Domains and Unbound could be a good candidate to provide this and it has also an interface which let you directly communicate with it.
The OD-Domain scanner can be part of Pi-hole and users can opt in to take part in scanning for those domains. Also there should be different interval settings to check for OD-Domains. One would be every 10 seconds a request and ten would be every second. For the brave under us there could be also the ‘ludicrous’ mode doing ten request per second of if you brave even more.