How to Disable DNSSEC functionality from DNSCACHE service
How to Disable DNSSEC functionality from DNSCACHE service
Problem
Instances of name resolution failure may arise when the master DNS service lacks support for DNSSEC functionality.
Solution
To address this concern, the DNSSEC functionality within the MTA (Message Transfer Agent) server should be disabled, as it is enabled by default.
Check the current status of the DNSSEC functionality by running the command:
zmlocalconfig zimbra_enable_dnssec
If the output shows that zimbra_enable_dnssec is set to "true", then DNSSEC is currently enabled.
Disable DNSSEC:
Change the value of zimbra_enable_dnssec to false using the following command:
zmlocalconfig -e zimbra_enable_dnssec=false
Restart Services:
Restart both the zmconfigd and zmdnscache services to apply the changes:
zmconfigdctl restart zmdnscachectl restart
By following these steps, the DNSSEC functionality will be disabled on the MTA server, addressing the issue of name resolution failure linked to DNSSEC incompatibility with the master DNS service.
Submitted by: Sandesh Satam |