Viktor Dukhovni: > Perhaps "postfix check" could generate a warning if DANE is enabled > and non-local nameservers are found in /etc/resolv.conf (or and/or > its chroot-jail version).
I think it would be entirely reasonable to share a DNS cache among multiple systems within the same trusted perimeter. One DNS server per host in a farm of mail servers may not be practical. Wietse