DNS Cache - advice and/or experiences

Following the documentation:
“Note that installing a caching name server is absolutely critical when you are using a high performance mail engine. Please do yourself a favour and install bind (or some other caching name server) and test it now.”

After some (load)test I arrived at this solution: I installed Unbound (lighter than BIND9) in iterator mode (no DNSSEC validation) at the host level, and in /etc/resolv.conf I only have nameserver 127.0.0.1. This way both the host and Kumo go through Unbound, which only does forwarding and caching (for both internal and public zones). This avoids differing behavior between the host and Kumo.

Or would it be better ( but I can’t find any valid reasons ) to keep the host using the standard resolution (i.e., internal nameservers) and point Kumo to localhost Unbound via configure_resolver - KumoMTA Docs and eventually use the /opt/kumomta/sbin/resolve-site-name?

Note that for internal zone the cache is disabled

Any advice or experience?

Typically, I install Bind on the local node and by default it installs as a caching server.
KumoMTA by default will use the local resolver, so in theory, you should be able to just install both and by default it should “just work”.
However, if you are using unbound, and want to do it with custom settings, you can follow this to use Unbound instead of Hickory.

So your setting as described where “…both the host and Kumo go through Unbound, which only does forwarding and caching …” should be fine.