[GH-ISSUE #383] Feature request: instead of returning NXDOMAIN better drop requests for unknown records #215

New issue

Open

opened 2026-03-13 16:10:20 +03:00 by kerem · 0 comments

kerem commented 2026-03-13 16:10:20 +03:00

Owner

Copy link

Originally created by @pmhausen on GitHub (Jun 4, 2025).
Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/383

Hi!

Since Letsencrypt officially states that you cannot limit your DNS server to certain client IP addresses by the means of a packet filter, I see a lot of requests by port scanners which are dutifully answered with NXDOMAIN.

I'd like a configurable option to drop the requests, i.e. not answer at all for anything unknown instead.

Kind regards,
Patrick

Originally created by @pmhausen on GitHub (Jun 4, 2025). Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/383 Hi! Since Letsencrypt officially states that you cannot limit your DNS server to certain client IP addresses by the means of a packet filter, I see a lot of requests by port scanners which are dutifully answered with NXDOMAIN. I'd like a configurable option to drop the requests, i.e. not answer at all for anything unknown instead. Kind regards, Patrick

kerem referenced this issue 2026-03-13 16:19:19 +03:00

[PR #229] Use config api.api_domain for API hostname #356

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

fix_dockerhub

dockerhub

readme2.0

goreleaser_action

refactoring

linter_update_config

update_deps_122

dependabot/go_modules/github.com/valyala/fasthttp-1.34.0

deps_bump

update_goreleaser

update_golint

deps_update

update_dockerfile

v2.0.2

v2.0.1

v2.0

v1.1

v1.0

v0.8

v0.7.2

v0.7.1

v0.7

v0.6

v0.5

v0.4

v0.3.2

v0.3.1

v0.3

v0.2

v0.1

Labels

Clear labels   

Documentation

  

Documentation

  

bug

  

enhancement

  

feature request

  

feature request

  

help wanted

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

security

  

security

  

testing

No labels

Documentation

Documentation

bug

enhancement

feature request

feature request

help wanted

pull-request

question

security

security

testing

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/acme-dns#215

No description provided.