Originz logo: Thick circle with a Z inside it

Originz DNS

A Filtering DNS Cache


Originz is generally functional and is seeing day-to-day use. However, the authors are not interested in debugging everyone's DNS problems, especially not for free.

As such, the Originz project should be considered to have a perpetual alpha status for the forseeable future.



Get Rust, then build and run the latest release as follows:

$ cargo install originz $ ~/.cargo/bin/originz --help

Originz expects a TOML config file. Here's a basic example with two upstream servers and some filters:

upstreams = [ # DoH servers are supported! "https://mozilla.cloudflare-dns.com/dns-query", # DoT servers are supported! "tls://", # Fallback for bootstrap query of DoH "mozilla.cloudflare-dns.com" "", ] overrides = [ # Honor any configured hosts in /etc/hosts "/etc/hosts", ] blocks = [ # URLs will be downloaded and periodically refreshed. # Listed domains return NXDOMAIN. "http://sysctl.org/cameleon/hosts", "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt", "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt", ]

Other config options include things like grouped filters where different clients can have different filters applied to their queries, and optional Redis support for the DNS cache. For now, the best config reference is to just read the comments in config.rs.


Easy Installation

Originz is a DNS filter that blocks the spammers, scammers, and advertisers of the world.

However, unlike more mature projects it does not need a dedicated environment with several services to run. Originz comes as a standalone binary that will just run a single process on your machine like any other service.

Low Overhead

Originz intends to be fast and efficient, with a reasonable and predictable resource footprint.

Its low resource requirements ensure that Originz can be run on a wide variety of systems - any Rust compilation target should work fine.

Technical Details

How It Works

Originz acts as a caching proxy for upstream DNS, working as a filter against the requests that are sent to it. By default Originz has its own internal cache, but it can also be configured to store cached records in an external Redis server. The filter itself is driven by list files which can override or block domains.

Originz supports the /etc/hosts format, allowing defining custom domains directly. This ensures that Originz can be a full drop-in replacement for your system's default DNS service.

Record Support

Many DNS implementations only support A (IPv4) records and sometimes AAAA (IPv6) records. Originz meanwhile targets support for all current DNS record types, even the really obscure ones. This ensures that it can function as a drop-in proxy for existing DNS, without the need for compromises or fallbacks.


Originz is licensed under the FAFOL. This is intended to restrict use of the project for purposes that would be considered unethical by its authors.

Site design: Element CSS