Unbound resolving to MX outside IP

P

Peter Nielsen

Member
Proxmox Subscriber
Jul 31, 2019
24
4
23
53
Hi

I have been having issues with :
RCVD_IN_DNSWL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to DNSWL was blocked.
URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked.

So I installed UNBOUND and changed the /etc/resolver.conf to point at 127.0.0.1. However this results in a double bounce or loop, because the downstream mail server resolves on the public IP (instead of the local IP) and pmg basically attempts to fwd the mails to it self instead of the downstream mail server.
In UNBOUND I have tried to setup a stub-zone for the local domain and forward zone for "." to forward lookup to the domain dns servers but it does not work.

Any ideas?

Br. Peter
 
the downstream-path usually does not (necessarily) use DNS, but rather the Transport entries (GUI->Configuration->Mail Proxy>Transports) or the default relay entry - you should be able to suppress MX lookups in both cases (or even directly point them to the IPs).
I think this solution should be the most robust one.

creating local-data entry in the unbound config containing an MX record pointing to the (internal) hostname of the downstream server should provide a solution on the DNS-level

I hope this helps!

EDIT: just in case you haven't found/followed it yet - the getting started wiki-page also should provide some valid pointers:
https://pmg.proxmox.com/wiki/index.php/DNS_server_on_Proxmox_Mail_Gateway
 
Last edited:
Stoiko Ivanov said:
the downstream-path usually does not (necessarily) use DNS, but rather the Transport entries (GUI->Configuration->Mail Proxy>Transports) or the default relay entry - you should be able to suppress MX lookups in both cases (or even directly point them to the IPs).
I think this solution should be the most robust one.

creating local-data entry in the unbound config containing an MX record pointing to the (internal) hostname of the downstream server should provide a solution on the DNS-level

I hope this helps!

EDIT: just in case you haven't found/followed it yet - the getting started wiki-page also should provide some valid pointers:
https://pmg.proxmox.com/wiki/index.php/DNS_server_on_Proxmox_Mail_Gateway
Click to expand...
I can make heads or tails of this :-( It appears that no matter what I do UNBOUND keeps using root hints to do its lookups. I have attached a snip of the unbound syslog together with the 2 conf files in unbound.

Regards Peter
 

Attachments

You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom