
SPF Record in Route 53 and Google Workspace not aligned?

0

I use Google Workspace to host my email. I'm a novice when it comes to DNS records, but yesterday, I moved away from Cloudflare to AWS Route 53 because someone was making changes to my account via API and I couldn't get any Cloudflare support. My domain is at Hostway (I would move this to AWS if this is an easy process).

The problem: my DMARC and DKIM are passing, but the SPF is not (it's been 24 hours). I've set the SPF record up exactly as Google instructs for AWS, and I also tried to set it up as it was in Cloudflare, but to no avail:

Record Type: TXT

Record name: @ (it won't let me leave this field blank) mydomain.com

Value: "v=spf1 include:_spf.google.com ~all"

Any thoughts on what I am doing wrong? What I can do to fix this? Thank you!

  • Can you share the domain name and a screenshot of the domain, as this isn't sensitive data?

asked a year ago · 523 views
2 Answers
2

I contacted Google support. They reviewed my DNS records and couldn't figure it out. I continued staring at the records and resolved it independently. An error I received when trying to create my SPF record was that I already had an existing TXT record name for mydomain.com. (I don't understand why AWS doesn't support creating multiple TXT records with _____.mydomain.com?).

The other TXT record name that was using ______.mydomain.com was my Google verification record. I changed that to @.mydomain.com.

I changed the SPF record name to ______.mydomain.com and now Google is able to see my SPF, and my emails are being sent just fine.

For some reason, although Google instructed that I use @ for SPF records on AWS if I wasn't able to leave the record name blank, the record will not be found that way. They told me to contact AWS, but I figured it out (and now hope my Google verification record continues to work!).

I hope this helps someone in the future if they run into this problem with Google Workspace.

answered a year ago
  • This was the answer for me too, removing the '@' and keeping the name blank. GPT had suggested using '@' but that did not work.

  • This was a life saver! It worked exactly as you described
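
An offline check for the misplacement described in the answer and comments above, added here as an example (not code from the posters or from AWS). It assumes record sets shaped like Route 53's ListResourceRecordSets output and that an `@` typed as the record name is stored as a literal label, returned as `\100`; `example.com` and the verification token are constructed placeholders.

```python
import re

# Constructed sample shaped like Route 53 ListResourceRecordSets output.
# example.com is a placeholder zone; "\\100" is the octal escape for '@'
# (assumption: a typed '@' is kept as a literal label, not the apex).
SAMPLE_ZONE = "example.com."
SAMPLE_RECORD_SETS = [
    {"Name": "example.com.", "Type": "TXT",
     "ResourceRecords": [{"Value": '"google-site-verification=CONSTRUCTED"'}]},
    {"Name": "\\100.example.com.", "Type": "TXT",
     "ResourceRecords": [{"Value": '"v=spf1 include:_spf.google.com ~all"'}]},
]

def txt_strings(value):
    """Join the quoted character-strings of one TXT value, as SPF evaluation does."""
    return "".join(re.findall(r'"((?:[^"\\]|\\.)*)"', value))

def is_spf(text):
    """True when the TXT payload is an SPF policy (version tag v=spf1)."""
    lowered = text.lower()
    return lowered == "v=spf1" or lowered.startswith("v=spf1 ")

def audit_spf(zone, record_sets):
    """Return findings about where the zone's SPF policy is published."""
    apex = zone.lower().rstrip(".")
    at_apex, findings = [], []
    for rs in record_sets:
        if rs["Type"] != "TXT":
            continue
        name = rs["Name"].lower().rstrip(".")
        for rr in rs["ResourceRecords"]:
            text = txt_strings(rr["Value"])
            if not is_spf(text):
                continue
            if name == apex:
                at_apex.append(text)
            elif name in ("\\100." + apex, "@." + apex):
                findings.append(
                    f"SPF published at literal '@' label {rs['Name']}; receivers query {apex}")
    if not at_apex:
        findings.append(f"no SPF TXT at {apex}: receivers see no policy (SPF result 'none')")
    elif len(at_apex) > 1:
        findings.append(f"{len(at_apex)} SPF records at {apex}: permerror under RFC 7208")
    return findings

if __name__ == "__main__":
    for finding in audit_spf(SAMPLE_ZONE, SAMPLE_RECORD_SETS):
        print(finding)
```

In Route 53, all TXT values for one name live in a single record set, so the Google verification string and the SPF string are entered as two values of the same apex TXT record rather than as two records.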

-1

It seems you're experiencing an issue with your SPF (Sender Policy Framework) record after moving your DNS management from Cloudflare to AWS Route 53. This is a common problem when changing DNS providers or updating DNS settings. Here are a few things to check and consider:

  1. DNS Propagation: When you make changes to DNS records, it can take up to 48 hours for these changes to propagate fully across the internet. Although you've waited 24 hours, it's possible that some DNS servers haven't updated yet. You may need to wait a bit longer.

  2. Record Configuration: Your SPF record configuration looks correct for Google Workspace. The record type (TXT), name (@), and value ("v=spf1 include:_spf.google.com ~all") are all as they should be for a basic Google Workspace SPF record.

  3. Multiple SPF Records: Ensure that you don't have multiple SPF records for your domain. There should only be one SPF record per domain.

  4. Name Servers: Verify that your domain's name servers at Hostway are correctly pointing to AWS Route 53's name servers. If the name servers haven't been updated, your new DNS settings in Route 53 won't take effect.

  5. Record Visibility: In Route 53, make sure the SPF record is visible in your hosted zone and that it's not set to a different subdomain accidentally.

  6. TTL (Time to Live): Check the TTL value for your SPF record. A lower TTL can help changes propagate faster, although it won't override the caching of DNS resolvers.

  7. MAIL FROM Alignment: If you're using a custom MAIL FROM domain with Google Workspace, ensure it's properly set up and aligned with your SPF record.

If you've verified all these points and are still experiencing issues, you may want to use online SPF record checking tools to diagnose the problem further. These tools can often provide more detailed information about what might be going wrong with your SPF configuration.

Remember, moving DNS management can be complex, and it's crucial to ensure all records are correctly transferred and configured in the new system. If problems persist, you may need to consult with AWS support or a DNS specialist to troubleshoot further.

Sources
I changed DNS settings, but they haven't taken effect - Amazon Route 53
Supported DNS record types - Amazon Route 53
DMARC record problem - MAIL FROM record is not aligned | AWS re:Post

answered a year ago
EXPERT
reviewed a year ago
