<div>                You can got to https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users.<br>At the bottom of the page you can read:<br>    To unsubscribe from Unbound-users, get a password reminder, or change your subscription options enter your subscription email address:  __________<br>and click the unsubscribe button.            </div>            <div class="yahoo_quoted" style="margin:10px 0px 0px 0.8ex;border-left:1px solid #ccc;padding-left:1ex;">                        <div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">                                <div>                    On Monday, May 16, 2022, 08:24:12 AM GMT+3, DANIEL NANGHAKA via Unbound-users <unbound-users@lists.nlnetlabs.nl> wrote:                </div>                <div><br></div>                <div><br></div>                <div><div id="yiv5202866043"><div><div>How do I get off this mailing list?<div><br clear="none"></div><div>Am happy to be removed from it. </div></div><br clear="none"><div id="yiv5202866043yqt48707" class="yiv5202866043yqt2689130471"><div class="yiv5202866043gmail_quote"><div dir="ltr" class="yiv5202866043gmail_attr">On Sat, May 14, 2022, 06:36 BangDroid via Unbound-users <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:unbound-users@lists.nlnetlabs.nl" target="_blank" href="mailto:unbound-users@lists.nlnetlabs.nl">unbound-users@lists.nlnetlabs.nl</a>> wrote:<br clear="none"></div><blockquote style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;" class="yiv5202866043gmail_quote"><div dir="ltr">Kind of pulling my hair out with this one.. The domain <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://twitterdatadash.com/">twitterdatadash.com</a> will not resolve with unbound recursively. I get SERVFAIL.<br clear="none"><br clear="none">root.hints is up to date, local time on raspi is accurate. No other domains are failing.<br clear="none"><br clear="none">Both dig <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://sigfail.verteiltesysteme.net/">sigfail.verteiltesysteme.net</a> @<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" onclick="return window.theMainWindow.showLinkWarning(this)" href="http://127.0.0.1/">127.0.0.1</a> -p 5335 and dig <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://sigok.verteiltesysteme.net/">sigok.verteiltesysteme.net</a> @<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" onclick="return window.theMainWindow.showLinkWarning(this)" href="http://127.0.0.1/">127.0.0.1</a> -p 5335 are as expected.<br clear="none"><br clear="none">Switching to an upstream DNS in Pi-hole will get the domain to successfully resolve, as well as using a standard DNS forward-zone in unbound.conf.d/pi-hole.conf:<br clear="none"><br clear="none">    forward-zone:<br clear="none">    name: "."<br clear="none">    forward-addr: 8.8.8.8<br clear="none"><br clear="none">However, if I use a DoT forward zone (because suspected possible? DNS hijacking by ISP):<br clear="none"><br clear="none">    tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt<br clear="none">    forward-zone:<br clear="none">        name: "."<br clear="none">        forward-addr: 1.1.1.1@853#<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://cloudflare-dns.com/">cloudflare-dns.com</a><br clear="none">        forward-addr: 1.0.0.1@853#<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://cloudflare-dns.com/">cloudflare-dns.com</a><br clear="none">        forward-ssl-upstream: yes<br clear="none"><br clear="none">Everything works exactly as expected, including <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" onclick="return window.theMainWindow.showLinkWarning(this)" href="https://1.1.1.1/help">https://1.1.1.1/help</a> **except** <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://twitterdatadash.com/">twitterdatadash.com</a> remains SERVFAIL.<br clear="none"><br clear="none">Paste of dig outputs with various unbound configurations: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://pastebin.com/k1LtjzHB">https://pastebin.com/k1LtjzHB</a><br clear="none"><br clear="none">pi-hole.conf: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://pastebin.com/szLmcNFj">https://pastebin.com/szLmcNFj</a><br clear="none"><br clear="none">unbound logs greped with "twitterdatadash" :<br clear="none"><br clear="none">'default' pihole.conf : <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://pastebin.com/JmgUDSRv">https://pastebin.com/JmgUDSRv</a><br clear="none"><br clear="none">with DoT: <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://pastebin.com/k3UgdZD4">https://pastebin.com/k3UgdZD4</a><br clear="none"><br clear="none">Accessing that domain is not crucial by any means, I am only concerned it may be indicative of a bigger issue. It seems like there must be an issue with my configuration somewhere, but every test I run appear to indicate no issue. Is it possible the issue is not my end? Anyone have any ideas?</div></blockquote></div></div></div></div></div>            </div>                </div>