I manage the website traumabook.club (currently down), which is an online mental health community. We have email servers on Tutanota, and our DKIM/mta-sts/_mta-sts DNS records are not working as they are supposed to.

Tutanota support staff validated that my reccords were entered in correctly, so I thought i’d bring it to this community and see if anyone has any idea why it’s not working.

thanks in advance.

I have MTA-STS set up on most of my domains along with DKIM and all the other email type records.

Can you post a screenshot of the relevant DNS records? It should be two for mta-sts (A and TXT) and one for DKIM (TXT). It’s ok to black out the other records.

Hello! thank you for writing.

My mta-sts are all CNAME records, and my A records are all tutanota IPs ( as per their instructions here: https://tutanota.com/howto/#custom-domain)


I bet the problem is that they’re not set to :grey:. Give that a try and see if it works.

Hi! thank you for the response :slight_smile: i dont see an easy way to change it as you describe… the only options i see are setting an integer value for “Priority”… any suggestions?

Click on the :orange: and edit that record so it’s :grey:. I think that because all those CNAME records (except ‘www’) need to be :grey: in order to respond.

For example, the _mta-sts record needs to respond like a TXT record. It does not. It doesn’t even respond like a CNAME. It responds as an “A” record. And that’s because it’s set to :orange:.

Oooh i see, thank you so much for the clarification.

To be doubly sure, I do NOT need to switch “Proxy Status” from “Proxied” -> “DNS Only” for my A-type records, correct? And i also do not/should not switch the following to “DNS Only”:

www CNAME traumabook.club

Right. Leave your “A” records set to :orange:. Those have nothing to do with email delivery. And leave ‘www’ set to :orange: as well. Same reason – it’s website, not email.

