Plesk Email Security: DNS caching is disabled! Please use a local DNS server to improve SPAM recognition via blocklists (for instance systemd-resolved)

Follow

Comments

5 comments

  • Avatar
    Andrei L

    Hi,

     

    Can this be updated for Plesk Obsidian, Ubuntu 18?

    service named-chroot restart
    Failed to restart named-chroot.service: Unit named-chroot.service not found.

    service named-chroot status
    Unit named-chroot.service could not be found.

    0
    Comment actions Permalink
  • Avatar
    Julian Bonpland Mignaquy

    Andrei L 
    Please check step 6:

    Restart BIND service (named-chroot for CentOS, bind9 is Ubuntu/Debian):

    So for Ubuntu it should be # service bind9 restart

    0
    Comment actions Permalink
  • Avatar
    To Wei

    I don't think the instructions are entirely correct. Manual changes in the /etc/resolv.conf file are overwritten with each restart of the server or the systemd-resolve service.

    1
    Comment actions Permalink
  • Avatar
    Mauro Elias Morone

    I received the warning message "DNS caching is disabled!".

    I correctly followed the instructions receiving at the end the message "permanent testpoint" and that appears to be configured well, in fact the previous warning message there have disappeared.

    But the weird fact is that if I input again the command for the status info, all the lines at the end named[xxxxx] etc... appears to be with a connection error, also if I add the "nameserver 127.0.0.1" on top of the other IP I have in that file, or also in case I leave there only nameserver 127.0.0.1 for example (deleting the other IP I have there).
    I tried all the combination, and in any case there will be a connection error in those lines named[xxxxx] at the end.

    Only if I don't insert "nameserver 127.0.0.1" on the top of that file (leaving all in the previous way), all the connection named[xxxxx] using the command "service .. status" are confirmed.

    So I leaved all in the previous way.

    0
    Comment actions Permalink
  • Avatar
    Mark Pryor (Edited )

    These instructions are odd to me. I'm on Ubuntu.  these are the entries in /etc/resolvconf/resolv.conf.d/head

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    # 127.0.0.53 is the systemd-resolved stub resolver.
    # run "systemd-resolve --status" to see details about the actual nameservers.
    nameserver 8.8.8.8 
    nameserver 8.8.4.4

    Do I need to add nameserver 127.0.0.1 there as well?   I have read that the maximum number of nameservers in /etc/resolv.conf is 3 which is what I have already.

    edit:  I modified the /etc/resolvconf/resolv.conf.d/head to be the following and now the error message has disappeared.  

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    # 127.0.0.53 is the systemd-resolved stub resolver.
    # run "systemd-resolve --status" to see details about the actual nameservers.
    nameserver 127.0.0.1
    nameserver 8.8.8.8
    nameserver 8.8.4.4

    Now when I run the following it seems to work

    # host -tTXT 2.0.0.127.multi.uribl.com
    2.0.0.127.multi.uribl.com descriptive text "permanent testpoint"

    Also, checking the file /etc/resolv.conf shows the four name servers.  Not sure if this will be a problem or maybe the 127.0.0.53 doesn't count as one???

    # cat /etc/resolv.conf
    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    # 127.0.0.53 is the systemd-resolved stub resolver.
    # run "systemd-resolve --status" to see details about the actual nameservers.
    nameserver 127.0.0.1
    nameserver 8.8.8.8
    nameserver 8.8.4.4
    nameserver 127.0.0.53

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request