DNS resolver for MailCleaner
Added about 5 years ago
How to configure DNS resolver for MailCleaner.
Flapping problem in MailCleaner, are often related to slow DNS resolution.
We recommend to let MailCleaner performing dns query itself, setting up DNS resolution to 127.0.0.1 in:
- Configuration > Base System > DNS settings
Primary DNS server : 127.0.0.1
Of course you can setup MailCleaner to use your own local DNS resolver, especially if you need to resolve local non public zone.
But be warned that MailCleaner use it intensively and it has to be reliable.
Warning: External DNS resolver (i.e. google
188.8.131.52, or such) must not be used, as they often introduce delay in DNS resolution, mainly by denying massive DNSBL resolution performed by MailCleaner.
Firewall configuration to allow MailCleaner to perform DNS resolution¶
When using 127.0.0.1, external DNS resolution is done directly to root DNS servers.
If MailCleaner is behind a firewall, add this rules to your firewall:
- MailCleaner -> Internet: allow traffic for port 53 (dns) both TPC and UDP
NOTE : MailCleaner cannot be used as DNS resolver, it only listen on 127.0.0.1.
- Using 127.0.0.1 as a local resolver (and local DNS cache) in MailCleaner really improves anti-spam speed.
- Decreases drastically the load of your DNS server.
- If you plan to set up a MailCleaner Cluster, during the cluster setup, the hostname of every host must to be resolved externally.
- In Configure > Domains > [your domain] > Delivery > Destination servers, all the FQDN you define here must to be resolved externally.