Hello.
After searching about my doubt, I’ve found this comment from JoshData about DNSSEC should not be used unless you have a legal requirement.
https://discourse.mailinabox.email/t/dnssec-ds-record-is-incorrect-with-external-dns/11376/6
I would like to ask and understand a couple of things:
- Does that only apply to External DNS or is DNSSEC not recommended when using MIAB built in DNS server too?
- For External Server, shall I just disable DNSSEC at my provider and remove any DS record? Or would it help somehow to enable DNSSEC there and ignore all related errors at MIAB host?
- Depending on the above answers… would it make sense to change those error/warning messages and its level? (just to avoid people like me making this questions here in the future).
Thanks in advance.