3

I have an old domain that I want to re-purposes for a new website which will send emails. I'm using Asp.Net Core, if that makes a difference (I do not think it does). I've written several apps that send email in .Net and I feel quite confident my code is correct. I'm more confused about the DNS configuration, especially for the SPF records.

I'm hosting my DNS on Name.com. In the picture below, you can see the SPF record, which is

"v=spf1 include:_spf.google.com -all" 

DNS entries

However, I notice that some TXT records are quoted and some are not. So, I'm wondering if that makes a difference. A different question said that if the answer in the TXT record contains spaces, then it needs to be quoted. So I suspect that part is OK.

What I am struggling with is the actual format of this TXT record. You can see the MX record is

aspmx.l.google.com

I used to have an SPF record that included MX but since I only send via gmails servers (smtp.gmail.com) I took it out. However, the messages keep getting blocked.

To be specific, my website, which is hosted on Azure (but I don't think that makes a difference here), is sending via SMTP using smtp.gmail.com as the server address. When it sends to @gmail.com email address, the email gets blocked with my sending email address getting this message:

"Your message to, [email protected] has been blocked. See technical details below for more information.

"The response was:

"550 5.7.26 This mail has been blocked because the sender is unauthenticated. Gmail requires all senders to authenticate with either SPF or DKIM. Authentication results: DKIM did not pass SPF [trulymail.com] with ip: [209.85.220.41] did not pass To mitigate this issue, please visit Gmail's authentication guide for instructions on setting up authentication"

block message

When I send to non-gmail domains it works but for @gmail.com address, the messages get blocked.

It states this is a problem with the SPF record. However, from what I have read, my SPF record is setup correctly.

Is this an SPF problem?

If yes, can anyone tell me what the correct SPF record should be if anyone using my sending domain only sends through through either the gmail web interface or through smtp.gmail.com via a client / code?

1 Answer 1

7

Suspect the issue is the SPF record and those quotes.

If I do a DNS lookup for trulymail.com your SPF TXT record is being returned as :

trulymail.com   text =
        ""v=spf1 include:_spf.google.com -all""

so it's showing double quotes, and I'd suggest you need to remove those quotes in your DNS UI.

Edited to mention, if you do an SPF lookup online, for instance MX Toolbox it reports that you have no SPF record on that domain, which would also say to me that what you have setup currently isn't being seen as a valid SPF record.

2
  • 3
    Quotes are needed around the SPF string in a zone file, but if you're using a GUI DNS editor it will add them as needed, so they shouldn't put them in explicitly.
    – Barmar
    Commented Oct 30, 2023 at 15:10
  • Perfect. Works wonderfully. Thank you so much.
    – John
    Commented Oct 31, 2023 at 13:03

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .