diff --git a/proxy/lib/proxy-go_test.go b/proxy/lib/proxy-go_test.go
index d1ef7e5..6428150 100644
--- a/proxy/lib/proxy-go_test.go
+++ b/proxy/lib/proxy-go_test.go
@@ -506,13 +506,13 @@ func TestUtilityFuncs(t *testing.T) {
 			{pattern: "^snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://faketorproject.net", expects: fmt.Errorf("")},
 			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://faketorproject.net", expects: fmt.Errorf("")},
 			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://snowflake.torproject.net", expects: nil},
-			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://imaginary-01-snowflake.torproject.net", expects: nil},
-			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://imaginary-aaa-snowflake.torproject.net", expects: nil},
+			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://imaginary-01-snowflake.torproject.net", expects: fmt.Errorf("")},
+			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://imaginary-aaa-snowflake.torproject.net", expects: fmt.Errorf("")},
 			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "wss://imaginary-aaa-snowflake.faketorproject.net", expects: fmt.Errorf("")},
 
 			{pattern: "^torproject.net$", allowNonTLS: false, targetURL: "wss://faketorproject.net", expects: fmt.Errorf("")},
 			// Yes, this is how it works if there is no "^".
-			{pattern: "torproject.net$", allowNonTLS: false, targetURL: "wss://faketorproject.net", expects: nil},
+			{pattern: "torproject.net$", allowNonTLS: false, targetURL: "wss://faketorproject.net", expects: fmt.Errorf("")},
 
 			// NonTLS
 			{pattern: "snowflake.torproject.net$", allowNonTLS: false, targetURL: "ws://snowflake.torproject.net", expects: fmt.Errorf("")},
@@ -556,8 +556,8 @@ func TestUtilityFuncs(t *testing.T) {
 			{pattern: "$", allowNonTLS: true, targetURL: "//snowflake.torproject.net", expects: fmt.Errorf("")},
 			{pattern: "$", allowNonTLS: true, targetURL: "/path", expects: fmt.Errorf("")},
 			{pattern: "$", allowNonTLS: true, targetURL: "wss://snowflake.torproject .net", expects: fmt.Errorf("")},
-			{pattern: "$", allowNonTLS: true, targetURL: "wss://😀", expects: nil},
-			{pattern: "$", allowNonTLS: true, targetURL: "wss://пример.рф", expects: nil},
+			{pattern: "$", allowNonTLS: true, targetURL: "wss://😀", expects: fmt.Errorf("")},
+			{pattern: "$", allowNonTLS: true, targetURL: "wss://пример.рф", expects: fmt.Errorf("")},
 
 			// Local URLs
 			{pattern: "localhost$", allowNonTLS: false, targetURL: "wss://localhost", expects: fmt.Errorf("")},
diff --git a/proxy/lib/snowflake.go b/proxy/lib/snowflake.go
index 4413a90..9c6647a 100644
--- a/proxy/lib/snowflake.go
+++ b/proxy/lib/snowflake.go
@@ -682,7 +682,10 @@ func checkIsRelayURLAcceptable(
 				return fmt.Errorf("rejected Relay URL: private IPs are not allowed")
 			}
 		} else {
-			ipArray, _ := net.LookupIP(hostname)
+			ipArray, err := net.LookupIP(hostname)
+			if err != nil {
+				return fmt.Errorf("Could not look up IP %s", hostname)
+			}
 			for _, ip := range ipArray {
 				if !isRemoteAddress(ip) {
 					return fmt.Errorf("rejected Relay URL: private IPs are not allowed")