Use-application-dns.net found in adlists

DL6ER · July 4, 2021, 11:58am

Thanks. Just for documentation: My previous PR has been superseded by

github.com/pi-hole/FTL

Implement special handling of the Mozilla canary domain to disable Firefox automatic DoH

pi-hole:release/v5.9 ← pi-hole:new/canary_domain_handling

opened 11:53AM - 04 Jul 21 UTC

DL6ER

+85 -9

**By submitting this pull request, I confirm the following:** - [X] I have re…ad and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md). - [X] I have checked that [another pull request](https://github.com/pi-hole/FTL/pulls) for this purpose does not exist. - [X] I have considered, and confirmed that this submission will be valuable to others. - [X] I accept that this submission may not be used, and the pull request closed at the will of the maintainer. - [X] I give this submission freely, and claim no ownership to its content. **How familiar are you with the codebase?:** ## 10 --- Ensure FTL always replies with `NXDOMAIN` to `A` and `AAAA` queries of `use-application-dns.net` This is following the recommendation on https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https Enforcing `NXDOMAIN` for `use-application-dns.net` can be disabled by setting `MOZILLA_CANARY=false` in `/etc/pihole/pihole-FTL.conf` The Query Log will display this as reply answered from cache: ![Screenshot from 2021-07-04 13-52-05](https://user-images.githubusercontent.com/16748619/124383912-3c1ff380-dccf-11eb-8e03-a00100f575d1.png) We could also introduce a new "special domain" status, but I don't see this necessary for now (and it'd require another change to the AdminLTE repo as well).

where the behavior is now even configurable (on/off). This is a much better and easier to understand strategy than post-processing the gravity database.

yubiuser · October 5, 2021, 5:22pm

There is some progress on this. Someone filed a patch, assigned himself and upgraded priority:

Unfortunately, the in the discussion around the patch 0.0.0.0 was jugeded as "I don't think it's particularly important to allow 0.0.0.0."
https://phabricator.services.mozilla.com/D127538

DL6ER · October 5, 2021, 7:14pm

Fortunately, Pi-hole handles this well and does not depend on them fixing it

DL6ER · October 6, 2021, 6:03am

The change has been reverted because some tests failed. One could have fixed the tests, but ...

yubiuser · October 7, 2021, 6:30pm

I think they included it again. Maybe they fixed the tests...

system · April 5, 2022, 6:31pm

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.