Well I came into a problem today while requesting a free SSL certificate from Letsencrypt through Virtualmin. 

I had recently added an alias domain and I went to get a new SSL certificate. I received the following error from the Virtualmin module:

mail.example.com challenge did not pass: dns :: DNS problem: SERVFAIL looking up A for mail.example.com
DNS-based validation failed : Failed to request certificate :
mail.example.com challenge did not pass: DNS problem: SERVFAIL looking up TXT for _acme-challenge.mail.example.com

When I looked at my DNS records for the domain I noticed the following message at the top of the page:

"Warning - errors were found in this domain's DNS records : This domain has email enabled, but none of the MX records point to it. Either the MX records should be corrected, or the email feature disabled if mail is hosted externally."

On the Virtualmin forum I found a solution.

Basically, what I learned from the forum was that I had to find the following line in my DNS zone file:

example.com. IN MX 5 mail.example.com.

... and change it to ...

mail.example.com. IN MX 5 example.com.

I saved the file and restarted Bind for good measure. The error went away.