Whatsmydns.net and dnschecker.org are showing multiple failures and the clients users are reporting being unable to access the site. Any suggestions to help me troubleshoot this would be GREATLY appreciated!!!
I had this same issue and this fixed it for a domain registered at GoDaddy.
To add a follow up question, will having DNSSEC turned off affect deliverability of mail for that domain? What are the ramifications of not having a DS record set for the domain.
Thanks and apologies for adding a question onto this question.
DNSSEC was invented a long time ago as a way to ensure DNS queries were not answered with forged information, e.g. a man-in-the-middle attack. So for example your local ISP couldn’t redirect your domain name to a different server. But it only works if the whole chain from client to server all support it (your laptop, your ISP, any intermediate DNS servers, and your Mail-in-a-Box), and DNSSEC has had very low adoption since it was invented. Almost no one is using it client-side. So, in general, it does nothing. It may be worthwhile in special circumstances, but it probably provides little overall security. Leaders in security generally recommend other methods like “DNS over HTTP”.
Adding it to Mail-in-a-Box was probably a mistake. It was a bet that we’d have the latest mail features implemented that didn’t pan out.
The nameservers set on this domain are incorrect. They are currently [Not Set]. Use your domain name registrar’s control panel to set the nameservers to ns1.emmons.uniquelyyoursmail.com; ns31.cloudns.net; ns32.cloudns.net; ns33.cloudns.net; ns34.cloudns.net; pns31.cloudns.net; pns32.cloudns.net; pns33.cloudns.net; pns34.cloudns.net.