I am unsure if this is the right forum to post…
I am using the Cloudflare free DNS plan and I am trying to setup some mail-related TXT records. However, just 1 out of 3 TXT records got published (the SPF record). Does anyone know if there is a reliable fix for this? I’ve already tried deleting and re-creating the TXT records that are unpublished - no result.
I noticed a lot of other users having had the same issue in the past (I did my google search). I couldn’t find any answer that closely resembles a solution. Are Cloudflare free DNS plans unreliable or is this some issue that Cloudflare might fix?
There’s no restriction on the free plan you should be hitting. Are you sure they’re being saved?? i.e. they’re not the same record name so subsequent records just don’t save as the first one exists?
In the case of SPF records you need to combine all the pertinent data into the one record. the presence of more than one SPF record is against RFC and can cause any and all the be ignored, IIRC.
Yes, I do have only one SPF record (it is a TXT record with the correct format generated by Cloudflare via the wizard).
The other two records are the DKIM and the DMARC TXT records - both related to email security. One of them I generated locally using a tool (opendkim) and the other was also generated from the Cloudflare panel inside “email security”.
I myself have DMARC and DKIM records stored just fine (as would most user with any decent email security in place). They shouldn’t clash in any way shape or form due to the presence of the DKIM selector and _dmarc prefixes so this is odd.
Post a snapshot of the TXT records in your DNS dashboard, so we can see what you have saved and can query the domain to see what’s being returned.
Looks like propagation issues, maybe? Give it time and you should be a-ok.
One thing to bear in mind is the white space I’m getting returned in your DKIM record, that’s not right but we’re talking record semantics now, and not your original issue.
HMU if you see problems after flushing DNS cache and giving it a little while to work it’s way around the web.
Thank you very much for the support!
I think I’ve just been querying the TXT record wrong. I expected that all of them should appear as part of the @ record – i.e. host -t txt parsagency.com
should return all 3 TXT records - but I was wrong. Thanks for pointing that out.
I also used this command to try and verify my setup: opendkim-testkey -d parsagency.com -s dkim -k dkim.private
However, it seems to always time out (although on the same machine I am now able to query the 3 TXT records).
By the way, the whitespace is only output by your system. I checked the TXT record again and it does not contain spaces in the middle of the public key param “p”. When I run the same command I don’t see it.
Anyway, your help is highly appreciated! Thank you!
Yes, I have been using it as well. I was just waiting for those TXT records to “appear” although they probably were there already. With DKIM setup I expect to get a result of 10/10 now
