diff --git a/cmd/meshnamed/main.go b/cmd/meshnamed/main.go
index 9ee4a57..9ddb77d 100644
--- a/cmd/meshnamed/main.go
+++ b/cmd/meshnamed/main.go
@@ -38,7 +38,7 @@ func loadConfig(s *meshname.MeshnameServer, confPath string) error {
 var (
 genconf, subdomain, useconffile, listenAddr, networksconf string
- debug bool
+ debug, allowRemote bool
 )
 func init() {
@@ -47,6 +47,7 @@ func init() {
 flag.StringVar(&useconffile, "useconffile", "", "run daemon with a config file")
 flag.StringVar(&listenAddr, "listenaddr", "[::1]:53535", "address to listen on")
 flag.StringVar(&networksconf, "networks", "ygg=200::/7,cjd=fc00::/8,meshname=::/0", "TLD=subnet list separated by comma")
+ flag.BoolVar(&allowRemote, "allowremote", false, "allow remote queries from any IP address")
 flag.BoolVar(&debug, "debug", false, "enable debug logging")
 }
@@ -76,7 +77,7 @@ func main() {
 logger.Fatalln(err)
 }
- s := meshname.New(logger, listenAddr, networks)
+ s := meshname.New(logger, listenAddr, networks, allowRemote)
 if useconffile != "" {
 if err := loadConfig(s, useconffile); err != nil {
 logger.Fatalln(err)
diff --git a/pkg/meshname/server.go b/pkg/meshname/server.go
index 24a981c..27c0f07 100644
--- a/pkg/meshname/server.go
+++ b/pkg/meshname/server.go
@@ -16,6 +16,7 @@ type MeshnameServer struct {
 dnsClient *dns.Client
 dnsServer *dns.Server
 networks map[string]*net.IPNet
+ allowRemote bool
 dnsRecordsLock sync.RWMutex
 dnsRecords map[string][]dns.RR
@@ -25,7 +26,7 @@ type MeshnameServer struct {
 }
 // New is a constructor for MeshnameServer
-func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet) *MeshnameServer {
+func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, allowRemote bool) *MeshnameServer {
 dnsClient := new(dns.Client)
 dnsClient.Timeout = 5000000000 // increased 5 seconds timeout
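Review bot: The help string on the added `flag.BoolVar(&allowRemote, "allowremote", ...)` line does not say which restriction the switch lifts, and nothing in the visible part of `main` reports that it is enabled. With the default `listenaddr` of `[::1]:53535` the option presumably changes nothing, so it only matters on a listener reachable from other hosts, which is when the exposure should be most visible to the operator. Suggest wording such as `"allow remote lookups for clients on any source address (default: loopback clients only)"` and a startup line like `logger.Println("allowremote enabled: remote lookups are open to all clients of", listenAddr)`. Both `init` and `main` continue outside these hunks.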
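Review bot: Adding a fourth positional `bool` to the exported `New` breaks every existing caller of the package and reads poorly at call sites, since `meshname.New(logger, addr, networks, true)` says nothing about what `true` relaxes. Because the value switches off an access restriction, an explicitly named option or setter would make an accidental `true` harder to miss in review. At minimum the doc comment should cover the parameter, e.g. `// New is a constructor for MeshnameServer. If allowRemote is true, remote lookups are permitted for clients on any address rather than loopback only.` The body of `New` continues outside this hunk.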
@@ -35,6 +36,7 @@ func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet) *Me
 dnsRecords: make(map[string][]dns.RR),
 networks: networks,
 dnsClient: dnsClient,
+ allowRemote: allowRemote,
 }
 }
@@ -143,6 +145,9 @@ func (s *MeshnameServer) handleRequest(w dns.ResponseWriter, r *dns.Msg) {
 func (s *MeshnameServer) isRemoteLookupAllowed(addr net.Addr) bool {
 // TODO prefix whitelists ?
+ if s.allowRemote {
+ return true
+ }
 ra := addr.String()
 return strings.HasPrefix(ra, "[::1]:") || strings.HasPrefix(ra, "127.0.0.1:")
 }
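Review bot: The added `if s.allowRemote { return true }` turns the loopback-only check in `isRemoteLookupAllowed` into an all-or-nothing switch: once set, every source address passes with no prefix restriction, and the `// TODO prefix whitelists ?` above it is left open. The callers are outside this hunk, but if this gate decides whether the server performs lookups toward other servers on a client's behalf, a publicly reachable listener becomes an open forwarder, and over UDP the source address being checked is not authenticated. Consider accepting a list of allowed source prefixes (`[]*net.IPNet`) instead of a boolean and matching the parsed client IP against it. The method also deserves a doc comment, e.g. `// isRemoteLookupAllowed reports whether a client at addr may trigger remote lookups; loopback clients always may, others only when allowRemote is set.`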