On Sat, 22 Nov 2014 19:13:17 -0800, ZEROF <security@netmajstor.com> wrote:

I saw some info just yesterday, but it's not in actual server configuration. Can you provide some good resource for setting dnscrypt-proxy? And no logging DNS's is good to protect end users.

That was a long night bleary night but IIRC I used the Arch wiki https://wiki.archlinux.org/index.php/Dnscrypt

It's pretty straightforward for the most part. Install the package, set it to run at boot, configure the desired target DNS server(s), and edit /etc/resolv.conf to use the local DNScrypt proxy (e.g. nameserver 127.0.0.1) On OpenBSD I had to manually edit the /etc/rc.d/dnscrypt_proxy script to change the DNS servers.

To do it right, you'll also want to insert a caching resolver (such as Unbound) into the DNS lookup chain.