Gmail bounceback and old qwestoffice domain, new cloudflare acct

Creating this because I cannot find a place to live chat or email with an expert.

The main issue can be categorized as “emails sent to gmail from any of our domain emails bounces back”. But this goes a bit deeper into hosting by centurylink and setting records in DNS.

To start, I am an employee of 3 years. This system was set up long before me and not well managed because it passed from hand to hand, and because it didnt really need any changes. Originally set up through QwestOffice, it is now run through Centurylink, because of a business merger or something.

We have access to the centurylink login for billing, and setting up vanity domain email accounts. There had been no indication of a Cloudflare affiliation until this issue arose.

A couple months ago any email sent from our domain emails to a gmaildotcom email address sterted being bounced back with this: (I have to delete parts to “remove links” in this, I will use “dot” in place of certain dots)

[email protected](mailto: [email protected]) host gmail-smtp-in.l.googledotcom [142.250.98.27] SMTP error from remote mail server after end of data: 550-5.7.26 This message does not have authentication information or fails to 550-5.7.26 pass authentication checks. To best protect our users from spam, the 550-5.7.26 message has been blocked. Please visit 550-5.7.26 https ://support.google.com/mail/answer/81126#authentication for more 550 5.7.26 information. b10-20020a05612202ea00b00344aee57471si419119vko.235 - gsmtp

Upon researching, and contacting both gmail and centurylink support, I find that google had indeed implemented changes recently that would cause this, that we need to have an S P F set up in our domain’s DNS to fix it, that our domain has no S P F record currently registered in the DNS, and that Cloudflare is our DNS provider.

So, trying to contact Cloudflare support, I find that I have to have an account just to talk to anyone. But also, it seems that we have never set up an account with Cloudflare for our domain, (probably because we assumed it was run through centurylink).

I set up an account and told it our domain. it “seems” to recognize that we have it, but it was a little too easy, like anyone could have taken it.

I set the SPF into the DNS in a TXT file, per centurylink instructions.Type: TXT/SPF
Source: mresearchdotcom
Destination: v=spf1 include:mfg.siteprotect.com ~all

But I have no idea if I am doing this right, If I am actually hooked up to, and controlling, the right domain, if that is the correct SPF entry to add, if there is some changes to the centurylink DNS settings, etc.

I searched the FAQs and various help forum posts, none really address the “do I actually have control of the mresearchdotcom DNS?” and “am I doing the SPF correctly?” questions I have.

I have come pretty far, but at this point I am lost. I just want to live chat with a support agent, but if anyone can give me a better idea of what is going on…

Your SPF record will need to include the ‘sending’ domain or IP addresses that are being used for your emails.

As an example, if you used Google Workspace, then it’d look like this:

v=spf1 include:_spf.google.com ~all

In the event that your emails are being hosted by CenturyLink and they’ve told you to use mfg.siteprotect.com then you’d add a TXT record for @ with the value of v=spf1 include:mfg.siteprotect.com ~all in https://dash.cloudflare.com/?to=/:account/:zone/dns

1 Like

Here is what I input…it looks like I may need to change the “name” to “@”?

Sorry, I mean, here is what I HAD previously input…do I need to change it to @, and is there a waiting time after making those changes? Centurylink has a 4-6 hour wait…

It should turn @ into mresearch.com for you - they mean the same thing, both refer to your apex domain aka mresearch.com

The changes should be pretty much instant but can take a day or two for full, global propagation.

I can’t see that record from my side at the moment though. On that same page, scrolling down a little bit, what two nameservers do you have under Cloudflare Nameservers?

They should match what whois has for your domain which is:

   Name Server: APOLLO.NS.CLOUDFLARE.COM
   Name Server: TRICIA.NS.CLOUDFLARE.COM

I am seeing this

is there any way to change these? obviously a mismatch suggests there something going on, yes?

You will need to sign in to your Network Solutions account and update the nameservers for your domain to match those assigned to your domain in your Cloudflare account.

Based on your screenshot, that means you would change out apollo and tricia for liz and watson.

1 Like

I am not sure what the “network solutions” account is…is that within Cloudflare? within centurylink?

Network Solutions is the registrar where your domain is registered. If you don’t manage your domain registration directly with them, you will want to use the management tools provided by the affiliated party where you obtained your domain registration, which may be CenturyLink since you use them for hosting.

Thank you for answering, I am not familiar with this, it has sort of fallen into my lap. When I look at centurylink, I see things like these…is this what I would change to match the Cloudflare nameservers?

My impression is that centurylink has taken a very handsoff approach to serving our account, and I dont have a lot of options aside from these DNS settings, which apparently the S P F doesnt work on.

image

Based on that screenshot, it sounds like your domain is registered directly with Network Solutions. You will need to find your account details and login there to update your nameservers. If you are unable to locate that information, you will likely need to contact them to see if they can help you reset your access.

1 Like

ok, ill look into that a bit, thank you

I have to say, this is a bit disturbing, how many other companies/sites I need access to, just to make it so that my emails can go to gmail…this really feels like something centurylink should be dealing with. Sorry, just ranting.

Well, Network Solutions said they dont host the domain or the email, so there is nothing they can do. They said I have togo back and talk to the email host, which I gather is centurylink…They also said I should be able to change the nameservers in Cloudflare, but I cant find a way to…But also, I worry, why do they appear to be different? Why would we have functioning email and domain (aside from gmail), but not have matching nameservers? If I were to change them to match, would that just mess things up?

Network Solutions doesn’t host the domain or the email, but they unequivocally hold the registration.

$ whois mresearch.com
Domain Name: MRESEARCH.COM
Registry Domain ID: 868929_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.networksolutions. com
Registrar URL: http:// networksolutions. com
Updated Date: 2018-09-05T17:49:47Z
Creation Date: 1995-09-04T04:00:00Z
Registry Expiry Date: 2023-09-03T04:00:00Z
Registrar: Network Solutions, LLC
Registrar IANA ID: 2
Registrar Abuse Contact Email: [ELIDED]
Registrar Abuse Contact Phone: +1.8003337680
Domain Status: clientTransferProhibited https:// icann. org/epp#clientTransferProhibited
Name Server: APOLLO.NS.CLOUDFLARE.COM
Name Server: TRICIA.NS.CLOUDFLARE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https:// www.icann. org/wicf/
>>> Last update of whois database: 2022-05-27T18:48:27Z <<<

(Note, some of the console output that I pasted above has been slightly modified to prevent unnecessary links and email address exposure.)

Now that you have all of the relevant information assembled, you have essentially hit the limit of what the Cloudflare community can fix for you. If you have an IT department or dedicated IT service provider, that is who would be best suited to remedy your situation if you are making no headway for your service providers.

1 Like

We are a small company, I basically am the IT department. Our website and email provider (provider may not be the correct word) is centurylink, and beyond that, all of this is confusing and unclear. I just want ot make it so that we can email gmail accounts again.

I see that Cloudflare and network solutions obviously play some role in all of this. We have never had a Cloudflare account until yesterday, and Im still not sure if I have set that up correctly, so those nameservers with “liz” and “watson” may not even be relevant? I dont know, I wish I could just talk to an actual customer service agent with Cloudflare who has account access and can make these changes for me.

When I look into our IT notes and passwords, I see that we used to have a Network Solutions account, but I no longer have access to it. (probably because it was created many years ago?) I assume that was to register the domain name?

So, I am basically back to square one, it seems. contacting centurylink again is the only thing I can think of, but they werent able to help, seemingly

Agents are in the Community on a regular basis and a lot of the other Community members can escalate posts to their attention if needed.

I can see that. But I can also see that the domain you shared has been active off and on with Cloudflare https://securitytrails.com/domain/mresearch.com/history/ns

I do not see any changes with the active domain that would affect email, so suspect the root cause is with your email provider. This input is spot-on

I suspect you are going to need to either find your email provider or find a new one, add the site to your account here, select a plan type (I’d start with free) and then change the nameservers at


A final note, we cannot make changes to your account, but we are here to help along the way with #tutorial #CommunityTip and Community advice & insight.

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.