Hi, admittedly I am a bit green here but I try to do things myself when I can, so be patient with me!
I am not able to send emails to Gmail. It works on Yahoo, iClouds but not Gmail.
The email return with ‘Mail delivery failed’ and the following: ‘crystalhealinglondon com’ has an SPF record
550-5.7.26 with a hard fail policy (-all) but it fails to pass SPF checks with
550-5.7.26 the ip: [185.56.87.12]. To best protect our users from spam and
550-5.7.26 phishing, the message has been blocked.
Now I tried to adjust SPF and when I check DKIM and DMARC they’re both set up but now I’m doubting if they are correct.
I’m not sure what to do now. Can anybody help please?
Many thanks
You have 2 SPF records, but you can only have one. None of them seem to be correct, so you should delete both and follow your email providers guide on setting up SPF.
crystalhealinglondon.com. 300 IN TXT "v=spf1 -all"
crystalhealinglondon.com. 300 IN TXT "v=spf1 crystalhealinglondon.com -all"
Assuming 185.56.87.12 is your origin IP address and from where email is sent, you need to delete the above two records and replace with…
v=spf1 ip4:185.56.87.12 -all
(the first of your two records says “no server may send email on behalf of this domain” and the second says "only the IP address of crystalhealinglondon.com may send email on behalf of this domain - which won’t work now you are behind Cloudflare).
If in doubt, use ~all instead of -all while you check it all out so no mail is hard rejected based on the SPF.
I did exactly what you reccomended: it works fine if I use my webmail from SiteGround but when I use my Apple Mail the emails are rejected…
I tried ~ for the soft but - works better
What else could it be?
I think that at this point I’m giving up on Setting a DKIM and DMARC myself and have my name servers pointing to SiteGround. They provide it all…
If only I could find where to change them, as I have been spending a good 1/2h to figure it out in Cloudflare
You create a DKIM record in the exact same place where you created the SPF record, you only change the name to default._domainkey (and obviously the content).
I can see that you do have a DKIM record for your domain, so you must have found it?
Did you make any changes? I saw SPF passing in the test you made earlier, but you seem to have changed the SPF record again, and the new version is again not working.
I was suggested by SG to change it. They said on their blog it was to be sure it all is sent from their end.
I agree about DKIM but I tried to create one but it’s all so coplicated. I lost myself when I had to find a selector and MD5 my website and Sha-256 encyption.
If there was somehow/where to find it all step by step I’ll do it myself but so many w/sites saying things I don’t fully know…
Your email provider gives you a list of DNS records that you need to create, and you create them by copy/pasting. There’s really not much that you have to do yourself.
There is no way to tell what your DKIM record should be. You need to go to Siteground, disable/enable DKIM and then copy the DKIM record that you can see in the Siteground DNS overview.
Thanks to all of you and cloudflare for this amazing thread community. I was facing the same issue but, after joining this community and reading this thread I have resolved my issue.
Thanks
SG says that unless my nameservers point to them, they won’t be able to provide anything… even though they provide my email.
Between CF being down and my internet booster being down, it took me a while to respond but I appreciate yours and everyone else’s help.
It appears that I might need to do things my way