Show threadjzdmDec 20
@delta It seems, the primary error lays in the way the setup script is requesting the A record for the domain.
It first resolves the #MNAME part from the SOA and then tries to resolve the A record by sending a request to the MNAME server.
This is incorrect as the MNAME is not required to be publicly reachable. In the case of #desec this method fails. See https://talk.desec.io/t/communications-error-with-desec-services/1454
Communications error with deSEC services

HI there, I’m trying to install a chatmail server using deSEC as the DNS manager. However, the installer reports an error when running dig @get.desec.io. -r -q <my_domain> -t A +short. And if I run this same command from my command line I get the following error: ;; communications error to 2a01:4f8:10a:1044:deec:642:ac10:80#53: connection refused ;; communications error to 2a01:4f8:10a:1044:deec:642:ac10:80#53: connection refused ;; communications error to 2a01:4f8:10a:1044:deec:642:ac10:80#53...

deSEC Community
Show threadjzdmDec 19
#DNS #followerpower #desec #SOA #MNAME
jzdmDec 19

#DNS question:
Is the "primary master name server" (MNAME) from a SOA entry required to answer DNS queries for the domain in question?

Asking, because desec.io does return "get.desec.io" as the primiary master name server for domains hosted at desec.io. But there is no DNS server answering requests under that domain.
#followerpower #desec #SOA #MNAME