diff --git a/dnsapi/dns_nsupdate.sh b/dnsapi/dns_nsupdate.sh
index ddf9875d..a7957a2e 100755
--- a/dnsapi/dns_nsupdate.sh
+++ b/dnsapi/dns_nsupdate.sh
@@ -15,9 +15,15 @@ dns_nsupdate_add() {
   _saveaccountconf NSUPDATE_SERVER_PORT "${NSUPDATE_SERVER_PORT}"
   _saveaccountconf NSUPDATE_KEY "${NSUPDATE_KEY}"
   _saveaccountconf NSUPDATE_KEYDIR "${NSUPDATE_KEYDIR}"
+  # try to find a matching key
   if [ -r "${NSUPDATE_KEYDIR}/${basedomain}.key" ]; then
     NSUPDATE_KEY="${NSUPDATE_KEYDIR}/${basedomain}.key"
     _info "using non default key ${NSUPDATE_KEYDIR}/${basedomain}.key"
+    # try to use the current SOA of the domain as nameserver
+    if [ -n "$(command -v host)" ]; then
+      NSUPDATE_SERVER="$(host -t SOA "${basedomain}" | cut -d ' ' -f5 | sed 's/\.$//')"
+      _info "using non default server ${NSUPDATE_SERVER}"
+    fi
   fi
   _checkKeyFile || return 1
   _info "adding ${fulldomain}. 60 in txt \"${txtvalue}\""
@@ -41,9 +47,15 @@ dns_nsupdate_rm() {
   [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
   [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53
   [ -n "${NSUPDATE_KEYDIR}" ] || NSUPDATE_KEYDIR="${LE_WORKING_DIR}/keys"
+  # try to find a matching key
   if [ -r "${NSUPDATE_KEYDIR}/${basedomain}.key" ]; then
     NSUPDATE_KEY="${NSUPDATE_KEYDIR}/${basedomain}.key"
     _info "using non default key ${NSUPDATE_KEYDIR}/${basedomain}.key"
+    # try to use the current SOA of the domain as nameserver
+    if [ -n "$(command -v host)" ]; then
+      NSUPDATE_SERVER="$(host -t SOA "${basedomain}" | cut -d ' ' -f5 | sed 's/\.$//')"
+      _info "using non default server ${NSUPDATE_SERVER}"
+    fi
   fi
   _checkKeyFile || return 1
   _info "removing ${fulldomain}. txt"