I have one domain with Google Cloud DNS. My SPF record doesn't work with mailgun domain verification
v=spf1 include:spf.protection.outlook.com include:_spf.google.com include:mailgun.org ~all
anyone facing the same issue?
thanks
In case anyone need answer here's how i fixed it
via Google cloud control panel i added opening and closing quote to TXT spf record
"v=spf1 include:spf.protection.outlook.com include:_spf.google.com include:mailgun.org ~all"
thanks
Related
I have hosted a website using the LAMP stack in AWS Lightsail.
I am trying to enable SSL certificates for AWS Lightsail and custom DNS Cloudflare. I have already tried all the steps from 1-18 listed in the below article
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/verify-tls-ssl-certificate-using-dns-cname-https
Additionally, I added two CNAME records to my Cloudflare one for the root domain and the other for the www subdomain with a target as the Lightsail Load balancer and proxy status as proxied (tried DNS only).
I have tried all the possible combinations to make it work however, even after a couple of days status is showing as validation in progress.
Just wanted to check if anyone else had faced the same problem or if someone can suggest some troubleshooting steps or if I have missed anything?
Thanks in advance!
Regards,
Piyush
Try adding a CAA record pointing to amazon.com in your Cloudflare DNS settings. Then create the TLS certificate from your Lightsail load balancer page.
If the above doesn't work I suggest you install AWS CLI and perform a aws lightsail get-load-balancer-tls-certificates. The response will show a failureReason field which will help you investigate. For example if the failureReason field returns "CAA_ERROR", then adding CAA records as I descibed above will solve the problem.
get-load-balancer-tls-certificates' documentation: https://docs.aws.amazon.com/cli/latest/reference/lightsail/get-load-balancer-tls-certificates.html
Actually, I made a mistake while creating the CNAME record hence, it was not validated. After removing some additional fields from the string, worked!
Thanks
I've got an application that is hosted on aws, but mail is sent via google. I'm using Route 53 for my DNS. I'm trying to figure out what to use for an SPF record within Route 53 to enhance the deliverability of my emails.
Within the SPF record, I understand that I need to specify the mail server in either domain, ip4, or ip6 format.
Within the SPF record, would I use the ip address of my load balancer on aws or would I specify my domain name? Alternatively, should I indicate a domain name or IP address that represents GSUITE's servers?
I'm very confused. Thanks for your help!!
You need to follow this guide which gives you the SPF record to use for your Google email service. Since your load balancer and AWS servers are not involved in your email service, they would not be included in the SPF record.
I have a domain that registered on company that just provide just domains, I made workspace google emails on that domain, and i have web host in small company.
I want buy web hosting on HostGator and redirect the domain and google emails there.
I know how to redirect domain to the HostGator DNS, but for the emails I don't know how
how can redirect the emails, will the emails stop working and for how long?
Thank you
Domain names (website etc) work with A and CNAME records.
Emails work with MX records.
So, if your google MX records are set and working, all you need is to add A / CNAME records to get the website to work.
This will not cause any downtime at all.
You need to set MX records of your Google Mail server at your DNS zone. Because mail server uses MX records.
Thank you,
Harsh Sheth
I want to send email using AWS Simple Email Service from my domain email address, but during configuration, finding verification issue by AWS.
1) I have purchase domain from GoDaddy and create email with that domain.
2) Register my domain in AWS portal.
2) To enable email serviice, AWS provided me TXT and CNAME record, which were supposed to be set in DNS record in GoDaddy Portal. I hhave done that setup.
3) AWS supposed to verify those record fron DNS setting but it is not able to verify.
Please help, Thanks in Advance :)
Just for better visibility, #michael-sqlbot's answer is working.
If you have put-this-into-host.your-domain.com then just use put-this-into-host, because the domain will automatically be suffixed.
I have some email service additional to mailgun that automatically sets SPF record in DNS. There is option to add extra host to this SPF record however it does not make domain verified...
My SPF record looks like this:
v=spf1 +a +mx +ip4:11.11.11.11 +include:mailgun.org ~all
I've tested it with http://www.mail-tester.com/spf-dkim-check and SPF record exists. However in mailgun manager when I click "Check DNS records now" it complains about SPF (DKIM / CNAME are OK). What can I do? I can't edit SPF record manually because it is auto-genarated by other email service.
Based on what you're saying, it sounds like your SPF is OK. Send an email from Mailgun using this Mail tester, it will tell you if the SPF Passes. I'm wondering if MailGun has an issues with the "+" qualifier, it's the default and is not needed.
Your primary spf record should end with -all. ~all is used for testing (SoftFail).
The ip address with the most mail traffic should be in your first spf record.
-all (Fail) for production systems
v=spf1 a mx ip4:11.11.11.11 include:mailgun.org -all
optimized for ip 11.11.11.11 reduced dns queries
v=spf1 ip4:11.11.11.11 a mx include:mailgun.org -all
Tools for check your mail server configuration (SPF/DKIM/SpamAssassin/Blacklist)
https://www.mail-tester.com
https://www.unlocktheinbox.com
http://emailaudit.com
http://dkimvalidator.com