About

DNSCrypt Poland provides free, non-logged DNS encryption to anyone. There are 2 tiers:

• dnscrypt.pl = vanilla, no filtering
• dnscrypt.pl-guardian = some malware/phishing filtering

note: legacy soltysiak service is going to be retired after 7 years of operation.

It is located in a Beyond Data Center in E24Cloud in Poznań.

Introduction

Regular DNS is not encrypted. Although DNSSEC provides response authentication it does not provide encryption. DNSCrypt provides encryption for DNS similarly to how SSL/TLS does it for HTTP.

If your ISP is filtering Internet access based on domain names (e.g. as in this polish draft bill which introduces illegal pages register in article 15f) using DNSCrypt might be a way to make it impossible for them to snoop on or block internet addresses you are resolving.

Why?

When you visit any website, even if it’s an encrypted connection, your computer has to ask for an IP address corresponding to the web address. That query for the IP address is not encrypted and it allows any eavesdropping party to know what you’re visiting. That’s really powerful, because if someone knows you’re visiting a suicide hotline, they don’t really need to see the contents to infer what’s going on with you.

When you’re using DNSCrypt, all these name queries are impossible to see, therefore ensuring the privacy by preventing eavesdropping.

DNSCrypt was concieved by OpenDNS and while they run a very good service, you should have the ability to choose alternative providers. One advantage over OpenDNS is that if a domain doesn’t exist, we’ll tell you so by returning NXDOMAIN; OpenDNS returns valid A records which redirect browsers to their landing page. A feature, yes, but not exactly protocol compliant and “may break things”^TM.

How to start using it?

Check this post.

More Info

Please see the documentation at dnscrypt.info for more installation and usage instructions.

About me

DNSCrypt Poland is operated by me, Maciej Sołtysiak. I'm an IT Professional, living in Poznań, Poland. I have a great interest in privacy, security and modern cryptography solutions; that is why I am providing this service.

Resolver #1 (poz1.dnscrypt.pl) is hosted in Poznan with E24Cloud. (disclaimer: this is an affiliate link, if I ever get any money out of this, I put it straight to funding the hosting)

I do not log queries or IPs. I consider even such data a toxic asset I wouldn't want to hold. I do measure aggregated traffic statistics but it is not possible to link queries to users.

Being completely free, this service is provided without any warranty and I renounce liability for any claim, damages or other liability arising from the use of this service.

Service Announcements

Please follow/see @dnscryptpl on Twitter for service announcements and other things relevant to the service.

Contact

Visit contact page.

Supporting the service

Please visit the support page to see how you can help maintain this service or simply say thanks.