Closed brokoler closed 8 months ago
Found the issue, the entry was blocked because it answered with following domain:
gspx-ssl.ls.apple.com
Technitium handles everything as it should, for sure! :)
Thanks for the post. Good to know that its not an issue. The DNS server also inspects CNAME records in answer and will block them too which is probably what is happening here.
Hello,
I'm currently hardening my Apple Devices via whitelisting only specific domains. For this I added following entry to the Custom Blocked List:
*.apple.com
It mostly does what I want to achieve, but recently I found an entry which should not be blocked in my point of view:
gsp-ssl.ls-apple.com.akadns.net
For some reason it is recognizing "ls-apple.com" as an "apple.com" domain, but this should not be the case since the asterisk is written in front of the punctuation per my rule. Domains should only be blocked if they are ending on
.apple.com
It seems like Technitium does set the asterisk after the first punctuation and blocks any domain with any text before apple.com.This domain should not be blocked in my point of view, is this a false positive?
From the logs:![grafik](https://github.com/TechnitiumSoftware/DnsServer/assets/57031979/73385ac3-0801-4172-b18c-0a1daf56fd93)
Help would be appreciated.