From 3602317c26da1a594916b0e53d45f413771125df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Peters?= Date: Fri, 6 Mar 2020 13:48:24 +0100 Subject: [PATCH] Update u_e-unbound-fwd.md --- docs/u_e-unbound-fwd.md | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/docs/u_e-unbound-fwd.md b/docs/u_e-unbound-fwd.md index 19fe9e22c..b8caaf616 100644 --- a/docs/u_e-unbound-fwd.md +++ b/docs/u_e-unbound-fwd.md @@ -1,19 +1,34 @@ -If you want or have to use an external DNS service, you can define it in `data/conf/unbound/unbound.conf`: +If you want or have to use an external DNS service, you can either set a forwarder in Unbound or copy an override file to define external DNS servers: + + !!! warning + Please do not use a public resolver like we did in the example above. Many - if not all - blacklist lookups will fail with public resolvers. + **Important**: Only DNSSEC validating DNS services will work. + +## Method A, Unbound + +Edit `data/conf/unbound/unbound.conf` and append the following parameters: ``` forward-zone: name: "." - forward-addr: 8.8.8.8 - forward-addr: 8.8.4.4 + forward-addr: 8.8.8.8 # NO NOT USE PUBLIC DNS SERVERS - JUST AN EXAMPLE + forward-addr: 8.8.4.4 # NO NOT USE PUBLIC DNS SERVERS - JUST AN EXAMPLE ``` -Please do not use a public resolver like we did in the example above. Many - if not all - blacklist lookups will fail with public resolvers. - -**Important**: Only DNSSEC validating DNS services will work. - -Restart Unbound after changing its config file: +Restart Unbound: ``` docker-compose restart unbound-mailcow ``` + +## Method B, Override file + +``` +cd /opt/mailcow-dockerized +cp helper-scripts/docker-compose.override.yml.d/EXTERNAL_DNS/docker-compose.override.yml . +``` + +Edit `docker-compose.override.yml` and adjust the IP. + +Run `docker-compose down ; docker-compose up -d`.