madnoob2

Active Member
Apr 18, 2017
43
0
6
Austria
cPanel Access Level
Root Administrator
Howdy,

First off sorry if this is in the inapproprate section, didn't know where to put it exactly, BUT, I'm having a pretty weird problem with my DNS resolution when using the Email Deliverabilty function in order to generate DKIM keys for a domain.
The mentioned function returns;

Code:
The system failed to complete validation of “domain.com”’s “DKIM” because of an error: (XID gcty9j) DNS query (default._domainkey.domain.com/TXT) timeout!
Because the querying times out, I cannot generate DKIM keys. I went ahead and ran tcpdump on the machine (Centos7) and saw that it's trying to query the root DNS servers ie. a,b,c,d...root-servers.net but it's always appending a suffix .domain , so it's not really querying a.root-servers.net but a.root-servers.net.domain instead.
I tried to make a workaroud by adding the DNS root servers in the hosts file WITH the .domain suffix, but the next query ended up being a.root-servers.net.domain.domain .
I'm really curious to know what's going on and why it it appending that suffix. Hopefully someone can clarify it for me.

Thanks in advance!
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,295
313
Houston
Because of the nature of this and the fact that we don't allow domain names etc. in the forums, can you please open a ticket using the link in my signature? Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved.


Thanks!
 

madnoob2

Active Member
Apr 18, 2017
43
0
6
Austria
cPanel Access Level
Root Administrator
Thanks for the reply, Lauren, but I've fixed the issue.
It seems that the .domain is just the way dns querying operates and means nothing for troubleshooting atleast.
What the issue was is that the server is behind firewall, and DNS querying is only allowed through the nameservers we set in /etc/resolv.conf . DNS query is working fine from the CLI, but looks like cPanel uses the root-servers to perform it's query for various cPanel functions. Pretty annoying it's not using the ones we set but the ones it wants :P.
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,295
313
Houston
I can see how that configuration would cause an issue with the way these lookups are performed. I am glad you found the cause and that you were able to workaround it.