OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: PhoenixRider on June 04, 2023, 02:34:52 PM

Title: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: PhoenixRider on June 04, 2023, 02:34:52 PM
Hi,

the .zip domains are a pretty big risk. With the unbound DNS, blocking this top-level domain should not be so easy.

I don't want to use PiHole or AdGuard. Is it somehow possible with Unbound DNS? Alternatively, can the feature be added accordingly by the development team?

Best regards
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: cookiemonster on June 04, 2023, 04:51:55 PM
The unbound implementation might have what you want for this purpose. You could use a blocklist of just that tld or you could try using the domain override.
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: PhoenixRider on June 04, 2023, 05:07:10 PM
Hey,

thank you for the reply.

How can I block this domain with Unbound DNS? I've already tried ".zip" and ".*.zip" under Blocklist Domain. Unfortunately, this does not work. :(
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: cookiemonster on June 04, 2023, 05:20:56 PM
Post here the options and values you used. Someone using it would likely chime in. I use AdguardHome.
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: zan on June 04, 2023, 05:29:59 PM
Have a look https://forum.opnsense.org/index.php?topic=34098.0
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: PhoenixRider on June 04, 2023, 08:03:03 PM
Thank you! But unfortunately, these settings do not work either. :(
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: cookiemonster on June 04, 2023, 08:53:58 PM
Impossible to advise without more information. "It doesn't work" is not a lot to go on.
Could you please post the values used and where. Also how you are testing would be helpful.
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: Stormscape on June 05, 2023, 11:04:17 AM
So this is how you do it:

First install the custom options plugin from Mimugmail's repository (https://github.com/mimugmail/opn-repo); it's called os-unboundcustom-maxit.

Next, after the plugin is installed, go to Services -> Unbound DNS -> Custom Options and enter the following:
server:
    local-zone: "zip." always_nxdomain
    local-zone: "mov." always_nxdomain


After you do so, restart Unbound and they'll all be blocked. Remember, the custom options window has no validation, so make sure you've typed everything correctly.
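
Since the custom options window has no validation, the fragment can be checked before it is pasted. The following is an added example, not part of the original post or of the plugin: it lints the local-zone lines and models which query names end up under an always_nxdomain zone, given that Unbound applies the most specific matching local-zone to a name and everything below it. The function names and the ZONE_TYPES subset are assumptions made for this sketch.

```python
import re

# Assumption: a subset of the zone types in unbound.conf(5); any other
# type is flagged so it gets checked by hand against the man page.
ZONE_TYPES = {"deny", "refuse", "static", "transparent", "redirect", "nodefault",
              "typetransparent", "inform", "inform_deny", "always_transparent",
              "always_refuse", "always_nxdomain", "always_null"}
LINE = re.compile(r'^local-zone:\s+"?([A-Za-z0-9.-]+)"?\s+(\S+)$')

def labels(name):
    """Lower-cased DNS labels, root-most first: 'a.ZIP.' -> ['zip', 'a']."""
    return [l for l in reversed(name.lower().rstrip(".").split(".")) if l]

def parse_local_zones(text):
    """Return {zone: type} from a custom-options fragment; raise on typos."""
    zones, in_server = {}, False
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line == "server:":
            in_server = in_server or line == "server:"
            continue
        m = LINE.match(line)
        if not m:
            raise ValueError(f"line {no}: not a local-zone entry: {raw!r}")
        if not in_server:
            raise ValueError(f"line {no}: local-zone before 'server:'")
        zone, ztype = m.groups()
        if ztype not in ZONE_TYPES:
            raise ValueError(f"line {no}: unknown zone type {ztype!r}")
        zones[".".join(reversed(labels(zone))) + "."] = ztype
    return zones

def is_blocked(qname, zones):
    """True if the closest enclosing local-zone of qname is always_nxdomain."""
    q = labels(qname)
    hits = [(len(labels(z)), t) for z, t in zones.items()
            if q[:len(labels(z))] == labels(z)]
    return bool(hits) and max(hits)[1] == "always_nxdomain"

# The fragment from the post above.
FRAGMENT = '''server:
    local-zone: "zip." always_nxdomain
    local-zone: "mov." always_nxdomain
'''

if __name__ == "__main__":
    zones = parse_local_zones(FRAGMENT)
    for name in ("example.zip", "a.b.mov.", "gzip.example.com", "zip.example.org"):
        print(name, "->", "NXDOMAIN" if is_blocked(name, zones) else "not blocked")
```

Matching is by whole labels from the right, so a name such as gzip.example.com or zip.example.org is unaffected by the "zip." zone.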
Title: Re: Block Top-Level-Domains with Unbound DNS (.zip domain)
Post by: PhoenixRider on June 05, 2023, 03:33:53 PM
I once made a screenshot. These settings do not work. However, the tip from Stormscape was successful. Thanks for this! :)


(https://abload.de/img/screenshot_5z7ew2.jpg)