In logwatch, I am getting loads of DANE errors like this:
mail postfix/smtp[2128]: message repeated 2 times: [ warning: yahoo.com: dane configured with dnssec lookups disabled]
I did some search and it looks like unbound can probably help: https://tech.feedyourhead.at/content/postfix-verified-tls-with-dane
So I thought I will give it a go on the test server, but the moment I install unbound: apt-get install unbound I get the error:
Failed to start unbound DNS server.
Stopped Unbound DNS server
I am wondering if it is because we use BIND and now Unbound. Is there a way to disable.stop BIND and try Unbound? And what would be the implications of doing that?
Alternatively is there a way to deal with the DANE issue with BIND itself?
Any idea/suggestion will be highly appreciated.
Thx: Rav