piperino, it looks like there is something wrong with unbound. Using its IP to do some lookups on the host, I get this, where it times out for the domain:
root@vps2:/opt/mailcow-dockerized# dig @172.22.1.254 gmail.com MX
; <<>> DiG 9.16.48-Ubuntu <<>> @172.22.1.254 gmail.com MX
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5561
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;gmail.com. IN MX
;; ANSWER SECTION:
gmail.com. 1963 IN MX 40 alt4.gmail-smtp-in.l.google.com.
gmail.com. 1963 IN MX 5 gmail-smtp-in.l.google.com.
gmail.com. 1963 IN MX 10 alt1.gmail-smtp-in.l.google.com.
gmail.com. 1963 IN MX 30 alt3.gmail-smtp-in.l.google.com.
gmail.com. 1963 IN MX 20 alt2.gmail-smtp-in.l.google.com.
;; Query time: 4 msec
;; SERVER: 172.22.1.254#53(172.22.1.254)
;; WHEN: Sat Mar 16 21:09:08 GMT 2024
;; MSG SIZE rcvd: 161
root@vps2:/opt/mailcow-dockerized# dig @172.22.1.254 citaq.com MX
; <<>> DiG 9.16.48-Ubuntu <<>> @172.22.1.254 citaq.com MX
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
The unbound logs don’t give me anything useful:
root@vps2:/opt/mailcow-dockerized# docker logs 37f346ca667e
Setting console permissions...
Receiving anchor key...
Receiving root hints...
######################################################################## 100.0%
setup in directory /etc/unbound
Certificate request self-signature ok
subject=CN = unbound-control
removing artifacts
Setup success. Certificates created. Enable in unbound.conf file to use
[1710621491] unbound[1:0] notice: init module 0: validator
[1710621491] unbound[1:0] notice: init module 1: iterator
[1710621492] unbound[1:0] info: start of service (unbound 1.17.1).
[1710621506] unbound[1:0] info: generate keytag query _ta-4f66. NULL IN