After DNS Zone Interface has been replace with DNS Zone Manager DANE TLSA Records issue

[SimonSchmitz]

After DNS Zone Interface has been replace with DNS Zone Manager DANE TLSA Records is not working, i can't add a DANE record got this error

A DNS label must not exceed 63 characters.

 

[cPRex]

Hey there! cPanel has never officially supported DANE records, so if they were working previously, that was purely a coincidence. Details on that can be found here:

Exim reporting: "DANE error: tlsa lookup DEFER"

Symptoms Some outbound emails may return, or bounceback, with the following error reported in your Exim Mainlog: R=dkim_lookuphost T=dkim_remote_smtp defer (-36): DANE error: tlsa lookup DEFER ...

support.cpanel.net

At this point, we don't have plans to implement that record type in WHM or cPanel.

 

[Alternative Hosting]

seriously, in the current environment, security needs to be a top focus. As the people on the front lines, we need cPanel to support us by giving us the tools we need to provide the most secure services we can. Email is quickly becoming a problem area, especially if you have your servers with one of the large datacentre providers, as you will 100% end up on UCEProtect 2 or 3, simply because you use on of the top 5 datacentre providers. Visit their website and you will see their absolutely insane, combative, rude and chauvinistic behaviour. They will also add you to their "Backscatter" blacklist if you follow RFC5321 for SMTP, and the cPanel default, to do a sender callback on incoming mail.

Because of these jokers, and because Microsoft is using them as a blocklist and not an indicator for spam scoring, we need to do everything we can to ensure email we send and receive is as secured, prim and proper, and following every rule and security best practice, if we are to possibly get legitimate email to recipients using Microsoft, Google and the sort.

 

[cPanelDustin]

Would this be as simple as increasing the allowed label size for the DNS record, at least for a solve for now?