E-Mail Service
Fast and safe communication with modern transport and DNS security.
TLS 1.3 (PFS) secured
DNSSEC
MTA-STS enforce
SPF/DKIM/DMARC
Safety details
- MTA-STS: Mode
enforceNo plaintext, no STARTTLS stripping. - DNSSEC: ECDSA P-256 signed zone
- TLS 1.3: Perfect Forward Secrecy
- SPF/DKIM/DMARC: correct alignment, protection against spoofing and abuse.
Smart DNS (DoT/DoH)
DoT:
random.adg.eridium.xyzDoH:
random.doh.adg.eridium.xyz
FR / DE Infrastructure
IPv6 / DS-Lite
DNSSEC Validation
No ECS Leakage
QNAME Minimization
Encrypted Upstream (DoH)
Closed Resolver
Ad & Tracker Blocking
Phishing & Malware Protection
Scam & Crypto Protection
Telemetry & Pop-Up Mitigation
Rebinding Protection
Encrypted DNS Access
Adaptive Caching
AI Abuse Filtering
Low Failure Rate
Schnell‑Setup
Note: All access is treated as a single shared client; device and IP attribution is not available.Android [DoT Fallback]
- Settings → Network & Internet → Advanced → Private DNS
- Select Private DNS provider hostname
- Enter:
random.adg.eridium.xyz
Android [DoH Preferred]
Install a DNS configuration profile (MDM / custom profile).
DoH endpoint:
DoH endpoint:
https://random.doh.adg.eridium.xyz/dns-query
System-wide encryption. Recommended over DoT when possible.
iOS / iPadOS [DoH Preferred]
Settings → General → VPN & Device Management → Install DNS profile.
DoH:
Manual Wi-Fi DNS only supports unencrypted DNS.
DoH:
https://random.doh.adg.eridium.xyz/dns-query
Manual Wi-Fi DNS only supports unencrypted DNS.
Linux [DoT]
systemd-resolved:
DNSOverTLS=yes
DNS=random.adg.eridium.xyz- Alternative:
stubbyorunboundas DoT forwarder.
Linux Desktop (NetworkManager - DoH Preferred)
NetworkManager does not natively support DoH.
Recommended:
Recommended:
- Run
cloudflaredordnscrypt-proxylocally - Forward to:
https://random.doh.adg.eridium.xyz/dns-query
macOS [DoH Preferred]
Create or install a DNS profile via Apple Configurator.
DoH:
System-wide. No native GUI-based DoT/DoH entry.
DoH:
https://random.doh.adg.eridium.xyz/dns-query
System-wide. No native GUI-based DoT/DoH entry.
Smart TVs & Consoles
- Open network settings
- Set DNS manually → enter router IP
- Router must act as DoH/DoT forwarder
Router / Firewall
- OpenWrt: Install
stubby,unboundorhttps-dns-proxy - pfSense / OPNsense: DNS Resolver → Forwarding Mode
- Upstream:
DoH:https://random.doh.adg.eridium.xyz/dns-query
DoT:random.adg.eridium.xyz
Windows 11 [DoH Preferred]
- Settings → Network & Internet → Adapter
- Set DNS to Manual
- Encryption: Encrypted only (DNS over HTTPS)
- Provider:
https://random.doh.adg.eridium.xyz/dns-query
Chromium / Brave / Edge / Opera [DoH]
Settings → Privacy & Security → Use Secure DNS
Custom:
Custom:
https://random.doh.adg.eridium.xyz/dns-query
Firefox / Mullvad Browser [DoH]
about:config →
Optional:
network.trr.mode = 3
network.trr.uri = https://random.doh.adg.eridium.xyz/dns-query
Optional:
network.trr.bootstrapAddress = <resolver IP>
Docker
Docker does not support DoH/DoT directly.
Recommended:
Recommended:
- Run local DoH proxy container
- Set Docker daemon.json:
"dns": ["127.0.0.1"]
Kubernetes (CoreDNS)
Edit CoreDNS ConfigMap:
Forward to DoH proxy or DoT upstream.
Recommended: local DoH sidecar.
Forward to DoH proxy or DoT upstream.
Recommended: local DoH sidecar.
WireGuard (Split DNS)
In client config:
Or use local DoH resolver IP.
DNS = random.adg.eridium.xyz
Or use local DoH resolver IP.
Recommendation:Prefer DoH where supported. DoT is a solid fallback. Router-level encryption increases CPU load and latency. Endpoint configuration is recommended when possible.