Using an external DNS service
If you want or have to use an external DNS service, you can either set a forwarder in Unbound or copy an override file to define external DNS servers:
Please do not use a public resolver like we did in the example above. Many - if not all - blacklist lookups will fail with public resolvers, because blacklist server has limits on how much requests can be done from one IP and public resolvers usually reach this limits.
Important: Only DNSSEC validating DNS services will work.
Method A, Unbound¶
data/conf/unbound/unbound.conf and append the following parameters:
forward-zone: name: "." forward-addr: 18.104.22.168 # DO NOT USE PUBLIC DNS SERVERS - JUST AN EXAMPLE forward-addr: 22.214.171.124 # DO NOT USE PUBLIC DNS SERVERS - JUST AN EXAMPLE
docker compose restart unbound-mailcow
docker-compose restart unbound-mailcow
Method B, Override file¶
cd /opt/mailcow-dockerized cp helper-scripts/docker-compose.override.yml.d/EXTERNAL_DNS/docker-compose.override.yml .
docker-compose.override.yml and adjust the IP.
Afterwards stop and start the Docker Stack again:
docker compose down docker compose up -d
docker-compose down docker-compose up -d