*never* use a forwarding/ISP nameserver for an inbound MX
> If I understand you, I don't. I have my own domain and my mx record points to 
> my dyndns FQDN

What you mentioned above is hosting your own domain's DNS to the Internet and 
has nothing to do with how your ClearOS server is resolving its own lookups 
for Internet domains like apache.org, google.com, ena.com, etc.
You need to find how to disable forwarding within dnsmasq to make dnsmasq do 
its own full recursive lookup.  As long as you point to any other DNS server, 
you are at risk of having your DNS queries combined with others which will put 
your email server over the free query limits by many RBLs.

DNS 101
=======
DNS forwarding is when you point to another DNS server in /etc/resolv.conf (or 
/etc/dnsmasq-resolv.conf when using dnsmasq).
DNS recursion is when you do your own full recursive DNS lookup.  (Similar to 
running 'dig +trace google.com' from the command line.)  This would be 
127.0.0.1 in the /etc/resolv.conf; then whatever DNS server is listening on 
127.0.0.1 or 0.0.0.0 port 53 does not forward to another DNS server like Google 
or OpenDNS.

Dnsmasq is a very powerful DNS server so I am sure it can be configured to do 
full recursive lookups but this is not a common configuration for dnsmasq.  I 
prefer PowerDNS recursor which is very easy to install on most distros.  You 
just need to work out the listening interfaces or IPs so dnsmasq listens only 
on 127.0.0.1 and the other DNS server (BIND, PDNS recursor, unbound, etc.) only 
listens on your interface IP.  Then you would set up dnsmasq-resolv.conf to 
point to that interface IP.

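The layout described in the message above can be checked from the two resolver files. The following is an added example, not part of the original message: it parses resolv.conf-style text and flags any nameserver that is neither loopback nor one of the host's own addresses, which means lookups are being forwarded off the host. The sample file contents, the function names and the interface address 192.0.2.10 are constructed for illustration.

```python
import ipaddress

# Constructed sample contents (not taken from a real host).
RESOLV_CONF = "# local dnsmasq\nnameserver 127.0.0.1\n"
DNSMASQ_FORWARDING = "nameserver 8.8.8.8\nnameserver 208.67.222.222 ; OpenDNS\n"
DNSMASQ_LOCAL_RECURSOR = "nameserver 192.0.2.10\n"  # recursor on the interface IP
LOCAL_IPS = ["192.0.2.10"]  # assumed address of the mail server's own interface


def upstreams(conf_text):
    """Return the nameserver addresses in resolv.conf-style text."""
    servers = []
    for line in conf_text.splitlines():
        # resolv.conf comments start with '#' or ';'
        fields = line.replace(";", "#").split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(ipaddress.ip_address(fields[1]))
    return servers


def classify(server, local_ips):
    """'local' if the query stays on this host, otherwise 'forwarder'."""
    if server.is_loopback or server in local_ips:
        return "local"
    return "forwarder"


def audit(resolv_conf, dnsmasq_resolv, local_ips):
    """Map each file to its (nameserver, classification) pairs."""
    local = {ipaddress.ip_address(ip) for ip in local_ips}
    files = (("/etc/resolv.conf", resolv_conf),
             ("/etc/dnsmasq-resolv.conf", dnsmasq_resolv))
    return {name: [(str(s), classify(s, local)) for s in upstreams(text)]
            for name, text in files}


def forwards_off_host(findings):
    """True if any configured nameserver is an external forwarder."""
    return any(kind == "forwarder"
               for entries in findings.values() for _, kind in entries)


if __name__ == "__main__":
    for label, dnsmasq in (("forwarding", DNSMASQ_FORWARDING),
                           ("local recursor", DNSMASQ_LOCAL_RECURSOR)):
        result = audit(RESOLV_CONF, dnsmasq, LOCAL_IPS)
        print(label, result, "forwards off host:", forwards_off_host(result))
```

A "local" result only shows where the queries are sent; the server listening on that address must itself be doing recursion rather than forwarding.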