Enabling DNSSEC resulting in DNS propagation/Email delivery issues


Nov 12, 2021
Denver, CO
cPanel Access Level
DataCenter Provider
I'm a System Administrator reaching out on a customer's behalf regarding an obscure issue I'm seeing.

I enabled DNSSEC on said customer's domain using the typical method of switching nameserver daemon to powerDNS and setting up DNSSEC key within cPanel zone manager. After doing so, the customer is reporting issues sending and receiving from certain recipients. Bouncebacks indicate only generic 550 remote server errors which lead me to believe that this was an issue with the remote mailservers (spam filters, etc.).

However, after disabling DNSSEC these email issues vanished right away. Customer also reported that with DNSSEC enabled, he was seeing DNS propagation propagation issues. For example, checking his domain with whatsmydns.net showed that not all records were fully pushing out.

I was not able to find any similar forum posts so just reaching out to see if anyone else has encountered this.