DNS Policy Changes Deployed

We’ve completed the deployment of our new DNS policies as covered in the Upcoming DNS changes MOTD.  To reiterate, we’ve disabled access to our recursive servers from off our network, are enforcing DNSSEC validation and have enabled two commercial RPZ lists to help protect our customers from phishing, viruses and malware.  For more information please see this forum post.

Update:  We disabled one of the commercial RPZ lists earlier this afternoon.  Despite substantial testing and review prior to deploying this to our customers that the service – at least as it stands now – is overly aggressive in its listing policy.

-Kelsey and Augie

5 comments for “DNS Policy Changes Deployed

  1. I do not understand how this process works. Does it affect receipt of emails to my mailbox? Pat

  2. Pat, it doesn’t affect the reception of emails to your mailbox but could affect you ability to open a link inside of an email. Hopefully only if the link was to a known phishing or malware distribution site. There’s more information on this over in the forums.

  3. Is anyone having problems with “new.sonic.net”?
    My password is being rejected.

  4. Is “new.sonic.net” a typo? It is in DNS but probably relates to something long forgotten.

  5. Is there any packet loss or latency issues affecting service? There is a delay when syncing our email to our hosted exchange provider and they suggest that we check with our ISP for packet loss or latency issues.

Leave a Reply

Your email address will not be published. Required fields are marked *