Stalwart's resolver is doing its own DNSSEC validation that no resolver choice disables, and it's wrongly flagging the (legitimate, unsigned) NODATA AAAA as bogus

Surya_Pratap · June 23, 2026, 7:03pm

Issue Description

Stalwart’s resolver is doing its own DNSSEC validation that no resolver choice disables, and it’s wrongly flagging the (legitimate, unsigned) NODATA AAAA as bogus

Stalwart Version

v0.16.x

Installation Method

Binary (Linux)

Database Backend

RocksDB

Blob Storage

RocksDB

Search Engine

Internal

Directory Backend

Internal

I have reviewed the documentation and FAQ and confirm that my issue is NOT addressed there.

on

I have searched this support forum (open and closed topics) and confirm this is not a duplicate.

on

I understand that topics in this category are triaged by a bot first but a human reply will follow up. If I’d prefer a human-only reply, I’ll add the no-ai tag to my topic.

on

Surya_Pratap · June 23, 2026, 7:04pm

Check image for error

Disrupt · June 23, 2026, 7:11pm

Also reported in Not able to send emails to certain domains due to DNSSEC error and noted that 0.16.9 does not have the issue while 0.16.10 does.

Surya_Pratap · June 24, 2026, 8:11pm

yes, you’re right, I’ve to use smtp relay ip address instead of hostname to bypass this error.

Topic		Replies	Views
Stalwart-cli snapshot not working as expected Issues	2	21	June 15, 2026
Not able to send emails to certain domains due to DNSSEC error Issues	8	99	June 24, 2026
BUG: ERR_CERT_AUTHORITY_INVALID upon installation Issues	3	21	June 15, 2026
DNS over TLS Configuration Questions	8	68	May 28, 2026
Stalwart v0.16.6 released Announcements	0	188	May 20, 2026