Use ISP nameservers, or additional setup for own DNS server to activate DNSSEC?

First of all I have really been enjoying mail-in-a-box.
I got nowhere with sogo, zentyal, and kolab.
However with miab everything is so user friendly, modern, and well communicated, well done guys!

First the output of management/ is:
First an unprintable character on line 312, then on 329, then I scrolled through and deleted the rectangular unprintable characters on other lines,
Then there is an error:

File “”, line 366
mail_aliases = dict([(address, receivers) for address, receivers, *_ in get_mail_aliases(env)])

The compiler points to the asterix.

But my questions are about the following status checks:

Under System:

? Mail-in-a-Box version check disabled by privacy setting.

Im guessing this is a none issue, but it might nice to enable it?


? The nameservers set on this domain at your domain name registrar should be; They are currently;;; If you are using External DNS, this may be OK.

When I tried to change my name servers to and, my domain’s hosting web interface says “failed to resolve”, and goes reverts to their own nameservers.

I emailed my domain hoster and this was their response:

Please be advised that the setup of mail in a box falls outside our scope of support.
The only way to confirm if the DNS records are working is to test them after the setup has been completed.
In regards to the name server setup :
You can skip the “Domain Name Glue Records” and “Domain Name Namerservers” and use our name servers.

Alternatively you will need to do the following to setup your own name servers:

Please let us know should you require any further assistance.

Should I use their nameservers or continue with installing and configuring bing9 as recommended in the link about configuring DNS server in ubuntu?

This is the second Domain related issue:

? This domain’s DNSSEC DS record is not set. The DS record is optional. The DS record activates DNSSEC. To set a DS record, you must follow the instructions provided by your domain name registrar and provide to them this information:

I sent them provided information, and requested them to do it, this was their response:

YZACR does not currently support DNSSEC on the name space yet.
You however don’t need DNSSEC for a mail server. The 2 main things you need for a mail server are SPF records and DKIM records.
DNSSEC is designed to help prevent cache poisoning on a clients DNS
caching servers. It will not assist in any way with the mail server.

When I tried, I got a 1.9 out of 10 score stating my emails would never seen the light of a mailbox. Which is proving to be true.

So should I install bind9? I am doubtful because I have not read anything like that in the mail-in-a-box tutorials. I tried to do the glue records but my host doesnt provide the same functionality as the Gandhi website. What do you guys think should be my next step?

Kind Regards

Ignore everything your registrar is telling you. If following Mail-in-a-Box’s setup instructions don’t work at your registrar, you’ll have to find a new registrar.

? Mail-in-a-Box version check disabled by privacy setting.
Im guessing this is a none issue, but it might nice to enable it?

You can just click on it to enable, right?

I really like that MIAB comes with privacy by default.

FWIW, I had a similar issue with Namecheap… I ended up needing to talk to a live person, then they were able to set the glue records. Really irritating.

My guess is that not many people want to set glue records so bugs can lurk in the registrar’s webapp for a long time.

I totally agree with JoshData. If the registrar is making it painful to set glue records (either through bugs or through a hideous UI), it’s probably worth switching. I did.

Had the same problem with Namecheap as well. Switching the domain my box is on to Gandi solved it. Once you have a glue record for your box at gandi, you can use any registrar for the rest of your sites by using your nameserver set at gandi

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.