DNS Authentication failing even with records there

Using ActiveCampaign to authenticate DNS records for sending out a newsletter and all DNS recods do show up correctly in Cloudflare DNS, yet authentication will not go through. Just had the same issue with Google workspace and Gmail. Any ideas why the authentication is stuck?

Sorry, using Cloudflare to authenticate DNS records for ActiveCampaign.

What is the domain and what records are you being asked to set?

1 Like

The domain is bassboss[dotcom]. The records are CNAME records from Active Campaign.

Posting as an image as it keeps flagging these as links.

These records are in there in Cloudflare and were put there by ActiveCampaign. For some reason they wont authenticate.

The DMARC record is ok.

The DKIM records are resolving but not showing the intermediate CNAME and returning the target TXT directly - check those records at set to “DNS only” and not proxied.

https://cf.sjr.org.uk/tools/check?c10885ea165d4f42a6032c51b3981b4b#dns-mail

The mail server CNAME is also proxied change that to DNS only as well.

If in doubt, show a screenshot of your DNS records page.

I was aware of the DNS only setting and have it set that way. Which is why i’m confused. Here’s the screenshot of the settings:

That looks ok.

Are you on a paid account? Can you check that CNAME flattening is set to “Flatten CNAMEs at apex” and not “Flatten all CNAMEs” in your dashboard here…
https://dash.cloudflare.com/?to=/:account/:zone/dns/settings

1 Like

K, made the change. Waiting to see if that does it.

Am i waiting the full 24 to 48 hours at this point? Nothing has changes so far.

Did the setting need to be changed?

There is currently an open issue with delays to DNS changes. Wait for that to be resolved…

Okay, thanks for the info. I’ll keep checking to see when that is resolved if it works or not. I’ll post again if that is fixed and still not working.

That appears to have done it. Do we assume it was the CNAME flattening?

1 Like

Yes, that was it.

1 Like

Okay, marking the solution. Thank you for the help!!! Hoping the same fix also fixes a similar problem with DKIM authentication for Gmail. Waiting to see on that.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.