I just tried this to no effect. I'm thinking the behavior I detailed is by design due to a change log entry on Unbound 1.2.0. "fixup reported problem with transparent local-zone data where queries with different type could get nxdomain. Now queries with a different name get resolved normally, with different type get a correct NOERROR/NODATA answer." The MX is a different type than the A, so it gets NOERROR/NODATA...or am I misunderstanding that entry? -Bryan On Fri, Mar 19, 2010 at 10:37 AM, Paul Wouters <paul at xelerance.com> wrote: > On Fri, 19 Mar 2010, Bryan Clay wrote: > > Tried to send an email to customer.com, the email server can't find the >> MX record. The MX record exists upstream, >> it points to smtp.ourdom.com. When I hit Bind directly, it returns the >> private IP fine. Unbound returns that the >> record doesn't exist due to overriding company.com A. >> > > Ohh, this might be because the RFC1918 address are dropped for security > reasons. > To allow these, check the private-address: and private-domain: options. Try > adding: > > private-domain: cust1.com > private-domain: cust2.com > private-domain: cust3.com > > Paul > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20100319/7e2f9d36/attachment.htm>