I am no longer receiving auth emails with the 6 digit codes for Access since modifying DNS records

As of about 5pm today I can no longer get Access to send out emails with the 6 digit authorization codes. I modified DNS records while on the phone with Bluehost in order to get website hosting working properly but indirectly it screwed up the Access emails. Please help soonest. Thank you

It sounds like you changed the DNS record for your incoming email server to be proxied. Your MX record must point to an unproxied :grey: record in order for email to work.

Mx record was changed to Bluehost and it is not proxied. What elsw could it be? Is there a way to test? I only have one MX record in, should there be two?

What is the domain name?

1 Like

Yeah, your MX records actually look fine, they are pointing to a :grey: DNS-only entry. There are two of them now, and they are the same, so you can delete one of them, but that won’t be causing any problem, it’s just redundant.

The mail server is answering on port 25 as it should.

So it doesn’t look like the problem is with DNS.

So what do you suggest I check? I use Access to secure a web app that I am sharing out and it uses email authentication (6 digit token) but the emails are not going out from Cloudflare. I tried on 3 different email addresses on different domains and none of them go. What could be the issue with Access? Regular email to my domain works fine. It is very strange.

Good question. Is this an Access setup that was already working? When you enter an email address on the login page, is it an address you have listed as authorized in your Zero Trust team?

I just tried on an app I have set up in Access, and if I enter an email address that I don’t already have listed as authorized, no email is sent (as the authentication could never succeed anyway). If I use the correct address listed on the team, the email arrives immediately. Could that be the issue? Are you trying to enter a new address on the login form?

Not at all!! Same addresses that I have been using for over 3 months.

The next thing I would check is the mail server logs, to see if the emails are being rejected for some reason, or if they are never hitting your server in the first place.

I sent to one of my Google Work addresses on another domain I own and the email went through. It seems to not be going through for the primary domain I sent you in the original response. What do you make of that?

Using a different mail server, I assume? That does indicate the problem is with your mail server.

So you do not think there is any issue with cloudflare at all. It is Bluehost?

That’s what it seems like. Specifically, your mail server. At least that would be what I would look at next.