Subject: DNS Blacklist feature
To: None <tech-kern@NetBSD.org>
From: D'Arcy J.M. Cain <darcy@NetBSD.org>
List: tech-kern
Date: 11/05/2007 16:06:37

How do we feel about a mod to the resolver library to implement a DNS
blacklist?  Verizon and others are starting to resurrect sitefinder on
a local basis.  It occurs to me that one self-defense mechanism would
be the ability to add a line to /etc/resolv.conf that declares certain
IP addresses as evil^H^H^H^Hinaccurate and treat responses with those
addresses as returning NXDOMAIN.  This would allow users behind those
hijacking DNS servers to identify and redirect the redirection.

-- 
D'Arcy J.M. Cain <darcy@NetBSD.org>
http://www.NetBSD.org/
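
The mechanism proposed above, sketched as an added example (not code from the original message or from the NetBSD resolver). The `blacklist` keyword, the function names, the text form of the answer and the rule that any listed address turns the whole answer into NXDOMAIN are assumptions; the addresses are constructed from the documentation ranges.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

#define MAX_ADDRS 16
enum { BL_OK = 0, BL_NXDOMAIN = 1 };  /* 1 matches HOST_NOT_FOUND in <netdb.h> */
struct blacklist { struct in_addr addr[MAX_ADDRS]; int n; };

/* Constructed sample; "blacklist" is a hypothetical resolv.conf keyword. */
static const char SAMPLE_CONF[] =
    "nameserver 192.0.2.53\n"
    "blacklist 192.0.2.10 198.51.100.7\n";

/* Collect IPv4 tokens from s up to end of line; non-addresses are skipped. */
static int parse_addrs(const char *s, struct in_addr *out, int max)
{
    int n = 0;
    while (n < max) {
        char tok[INET_ADDRSTRLEN];
        s += strspn(s, " \t");
        size_t len = strcspn(s, " \t\n");
        if (len == 0) break;
        if (len < sizeof tok) {
            memcpy(tok, s, len);
            tok[len] = '\0';
            if (inet_pton(AF_INET, tok, &out[n]) == 1) n++;
        }
        s += len;
    }
    return n;
}

/* Gather every address listed on "blacklist" lines of resolv.conf text. */
int bl_parse(const char *conf, struct blacklist *bl)
{
    bl->n = 0;
    for (const char *line = conf; line && *line; ) {
        if (strncmp(line, "blacklist", 9) == 0 && (line[9] == ' ' || line[9] == '\t'))
            bl->n += parse_addrs(line + 9, bl->addr + bl->n, MAX_ADDRS - bl->n);
        line = strchr(line, '\n');
        if (line) line++;
    }
    return bl->n;
}

/* Any blacklisted A record turns the whole answer into NXDOMAIN (assumed policy). */
int resolve_status(const char *conf, const char *answer)
{
    struct blacklist bl;
    struct in_addr a[MAX_ADDRS];
    int n = parse_addrs(answer, a, MAX_ADDRS);
    bl_parse(conf, &bl);
    for (int i = 0; i < n; i++)
        for (int j = 0; j < bl.n; j++)
            if (a[i].s_addr == bl.addr[j].s_addr) return BL_NXDOMAIN;
    return BL_OK;
}

int main(void)
{
    printf("genuine answer:   %d\n", resolve_status(SAMPLE_CONF, "203.0.113.80"));
    printf("hijacked answer:  %d\n", resolve_status(SAMPLE_CONF, "192.0.2.10"));
    return 0;
}
```

In a real resolver the comparison would run on the A records of the parsed reply rather than on text, and the caller would see the same error it gets for a name that does not exist.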