Status Check fails after Switching DNS to MiaB Server

[MrTuffa]

Hello everybody, During the installation I used an external DNS server and made all entries manually. There was no problem.

But I have now switched the DNS server to my MiaB server and now I get the error message during the status check: Something went wrong, sorry.

When I run the status check via SSH, I get the following message:

Network
=======
✓  Firewall is active.
✓  Outbound mail (SMTP port 25) is not blocked.
✓  IP address is not blacklisted by zen.spamhaus.org.
multiprocessing.pool.RemoteTraceback:
"""
Traceback (most recent call last):
  File "/usr/lib/python3.6/multiprocessing/pool.py", line 119, in worker
    result = (True, func(*args, **kwds))
  File "/usr/lib/python3.6/multiprocessing/pool.py", line 47, in starmapstar
    return list(itertools.starmap(args[0], args[1]))
  File "./status_checks.py", line 367, in run_domain_checks_on_domain
    check_mail_domain(domain, env, output)
  File "./status_checks.py", line 625, in check_mail_domain
    mxhost = mx.split('; ')[0].split(' ')[1]
IndexError: list index out of range
"""

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "./status_checks.py", line 1027, in <module>
    run_checks(False, env, ConsoleOutput(), pool)
  File "./status_checks.py", line 66, in run_checks
    run_domain_checks(rounded_values, env, output, pool)
  File "./status_checks.py", line 335, in run_domain_checks
    ret = pool.starmap(run_domain_checks_on_domain, args, chunksize=1)
  File "/usr/lib/python3.6/multiprocessing/pool.py", line 274, in starmap
    return self._map_async(func, iterable, starmapstar, chunksize).get()
  File "/usr/lib/python3.6/multiprocessing/pool.py", line 644, in get
    raise self._value
IndexError: list index out of range

In the SSL Certificates menu I get the following message:

The domain name does not resolve to this machine: [timeout] (A)

Then I did a DNS check but the A entry is defined. Pinging and receiving mail is also possible. Sending emails also works without any problems. can you help me to solve this problem?

[hija]

We've seen this error when domains were not correctly configured. Would you mind sharing your domain(s) here?

[MrTuffa]

Primary Domain: toffanello-it.com subdomain: mail.toffanello-it.com

[hija]

Could you post an image of your dns configurations, i.e. your individual DNS records?

[MrTuffa]

When I used MiaB's internal DNS. I only set the primary and secondary name servers to ns1.mail.toffanello-it.com and ns2.mail.toffanello-it.com. Now I use the external DNS from my provider again and have made all entries manually. now everything works without problems. I think I'll stick to the external DNS then. Thanks anyway for the help =)

[hija]

Alright :) You are welcome!

[jasherai]

I have just experienced this issue too. I was able to "resolve" it ( pun intended! ) by settings the upstream forwarder in my binds named.conf.options

I am running on ubuntu 20.04 (with Mustards compatibility patches) so I'm not sure if there is anything specifically different with my version of the bind package. It may help someone else if they come across this issue.

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable 
        // nameservers, you probably want to use them as forwarders.  
        // Uncomment the following block, and insert the addresses replacing 
        // the all-0's placeholder.

        forwarders {
                1.1.1.1;
        };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation auto;

//      listen-on-v6 { any; };
        listen-on-v6 { none; };

        listen-on { 127.0.0.1; };

        max-recursion-queries 100;
};

[jvolkenant]

You should not be forwarding dns requests to another dns server. It will cause lookups for RBL to fail.