Not receiving verification email for domain registered under .au

Hey,

I’m not receiving the verification emails for my domain registered under .au (ike.au). This is despite both other providers and Cloudflare Community itself being able to send emails to there just fine.

I’d submit a ticket but the site isn’t letting me!

I do not see the bounced emails, but did send you a verification email. Can you add the following emails to your allowlist at your origin mail server: [email protected] and [email protected]

Hey there,

Even with the emails in the allowlist, I still havent received any verification emails. Postfix logs don’t even show a connection attempt from Cloudflare.

is it the same email you are using here?

Hey @ike2,

I just did a dig on ike.au for any MX records and I’m not getting anything using Cloudflare or Google. I can see your domain nameservers are pointing to Cloudflare’s NS. Could you verify that the DNS records are setup correctly in your Cloudflare Dashboard?

Hey @cloonan, yes it is the same email as used here

Hey @baileystringer, I’ve double checked and the MX record is definitely set up correctly within the Cloudflare panel:

This exactly matches how MX is entered for another domain of mine, ike.id.au

Hey man,

I still can’t get anything using dig on your domain.

Could you try maybe putting the IP instead of mail.xxx.xxx. The IP I’m getting for that would be 139.99.220.222.

So just replace the mail.cocytus.services with the above IP, feel free to ping it as well to verify you get the same IP incase you don’t feel comfortable getting a IP from some random on the internet :joy:.

All the best, hope we can get it working for you. Can you receive mail from anyone else? Id be happy to send through a test email if you need.

Hey @baileystringer,

I’m not too keen on replacing the MX record with an IP, as it uses TLS certs tied to that domain.

HOWEVER,

it turns out the issue was bogus DNSSEC data entered in at the registrar. My registrar copies over DNSSEC data from previous domains. Usually this works fine, however Cloudflare appears to have assigned a new DNSSEC key to this domain.

This would be why some sites could email whereas others couldn’t. If they used a resolver that didn’t verify DNSSEC or climbs down the DNS tree themselves, they’d resolve it just fine. But if they relied on an external resolver (like 1.1.1.1 or 8.8.8.8) they’ll get EDE: 6 (DNSSEC Bogus) (well, not with Google).

I’ve resent a verification email and received it just fine now, thank you for your help!

2 Likes