Question
Failed to verify domain on Mailgun
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×This worked! I had to use the @ sign and I had to drop the .yourdomain.com, just as described by lukas.white.
Thank you so much for what you posted. This solved it for me as well.
The fix for the first TXT record (using @) works, but the second does not. Also, when I switch to using smtp._domainkey
instead of krs._domainkey
for the second TXT record (as instructed in the “Domain Verification & DNS” section on mailgun), the first TXT no longer works.
The change for the first fix occurred instantly, so I’ll leave it with krs._domainkey
for 48 hours to see if it decides to change its mind.
Thanks for the help!
After reading the above discussion, I still find this confusing to follow. Is there someone who can verify the following? If it’s wrong, please leave an example of what works so that anyone else who comes here gets a clear explanation. For example, should I be dropping the domain name from the cname entry?
RECORD TYPE | NAME | VALUE |
---|---|---|
TXT | my.domain.com | “v=spf1 include:mailgun.org ~all” |
TXT | pic._domainkey.my.domain.com | “k=rsa; p=165CHARACTERPASSWORDSTRING” |
CNAME | email.my.domain.com | mailgun.org |
Here’s a table showing what finally worked for me. The discussion above was very helpful, but below the table, I note the other tweaks I had to make. Other syntaxes may well work. I am just reporting what worked for me. Also, some of the stuff I’m writing may have just been obvious to others, but I hope this helps someone else going through this process for the first time.
my.domain.com
RECORD TYPE | NAME | VALUE |
---|---|---|
A | @ | 123.45.678.901 |
TXT | @ | “v=spf1 include:mailgun.org ~all” |
TXT | pic._domainkey | “k=rsa; p=165CHARACTERPASSWORDSTRING” |
CNAME | mailgun.org. | |
NS | ns1.digitalocean.com | |
NS | ns2.digitalocean.com | |
NS | ns3.digitalocean.com |
A: my.domain.com is the subdomain that I registered at mailgun. 123.45.678.901 is the IP address provided by mailgun (i.e. not the IP address of my DO droplet)
TXT (spf1): entering my.domain.com produced my.domain.com.my.domain.com in the zone file at the bottom. Entering @ produced just my.domain.com. (note trailing dot), which validated. The quotes around the value were necessary.
TXT (pic): Had to enter just pic.domainkey (no trailing dot) to produce pic.domainkey.my.domain.com in the zone file.
CNAME: email (no dot) mailgun.org. (note trailing dot)
With a turn-around up to 48 hours to see if the changes had propagated and were verified at mail gun, several steps of tweaking and waiting to see if it validated took quite a while. However, the printout of the zone file at the bottom of the digital ocean dns page was very helpful. When I finally got it to report back the fields as stated by mailgun, then it validated fairly quickly after that.
Why do you have “pic.domainkey” ? For me they say to put “krs.domainkey”..
Should I replace _domainkey with something specific or its this exact string?
Could you post your zone file with private things left out or *****ed?
Here’s my zone file.
$ORIGIN my.subdomain.my.domain.com.
$TTL 1800
my.subdomain.my.domain.com. IN SOA ns1.digitalocean.com. hostmaster.my.subdomain.my.domain.com. #### a bunch of numbers here ###
my.subdomain.my.domain.com. 1800 IN NS ns1.digitalocean.com.
my.subdomain.my.domain.com. 1800 IN NS ns2.digitalocean.com.
my.subdomain.my.domain.com. 1800 IN NS ns3.digitalocean.com.
my.subdomain.my.domain.com. 1800 IN A #### IP address here ####
Unfortunately, I have no idea what pic._domainkey means in the txt entry, although I believe I entered that exact string when registering. I’m sorry I can’t be more helpful, but I do not have a very high level understanding of the process, so just followed directions and kept tweaking things until it worked. If someone knows a tutorial that would explain the relationships among the various components in this process, that would be very helpful.
Thanks for the heads up at looking at the produced zone file at the bottom. In my case, the problem I had was that I registered a mail subdomain (e.g., mail.company.com) with Mailgun but was creating the records for company.com (not mail.company.com). Instead of creating a mail.company.com domain I entered the records as follows (taking from your example):
company.com
RECORD TYPE | NAME | VALUE |
---|---|---|
A | @ | 123.45.678.901 |
TXT | “v=spf1 include:mailgun.org ~all” | |
TXT | pic._domainkey.mail | “k=rsa; p=165CHARACTERPASSWORDSTRING” |
CNAME | email.mail | mailgun.org. |
NS | ns1.digitalocean.com | |
NS | ns2.digitalocean.com | |
NS | ns3.digitalocean.com |
Thankfully it only took a few minutes before these changes took effect and were verified by Mailgun.
Shane, briliant, thanks for sharing! This is exactly what worked for me after all the other guidance failed to solve the problem.
@GabrielM I would double check what the actual zone file shows in the area underneath where you enter DNS changes . Also make sure to use “ on the pic._domainkey
Hi! i have same problem with 2nd txt record.
This my zone file.
forodiablo.com.ar. 1800 IN A IP here
www.forodiablo.com.ar. 1800 IN CNAME forodiablo.com.ar.
*.forodiablo.com.ar. 1800 IN CNAME forodiablo.com.ar.
forodiablo.com.ar. 1800 IN TXT “v=spf1 include:mailgun.org ~all”
pic._domainkey.mail.forodiablo.com.ar. 1800 IN TXT “k=rsa; Code here”
email.forodiablo.com.ar. 1800 IN CNAME mailgun.org.
forodiablo.com.ar. 1800 IN MX 10 mxa.mailgun.org.
forodiablo.com.ar. 1800 IN MX 10 mxb.mailgun.org.
Can anybody help me?
To add my answer:
I added the following records - including the quotes:
Name | Text |
---|---|
example.com | “v=spf1 include:mailgun.org ~all” |
krs._domainkey | “k=rsa; |
p=165CHARACTERPASSWORDSTRING”
@ | “v=spf1 include:mailgun.org ~all”
krs._domainkey.litecampus.com
“k=rsa; | p=165CHARACTERPASSWORDSTRING”
I think that just the first two are needed, but now that it is working I’m not editing.
*how to add rows to the table in this editor?
Mine is not hosted at digitalocean but Hetzner. This is to CONFIRM that removing the domain name after key string WORKS both on GoDaddy AND Namecheap.
So I only put: krs.domainkey (for my godaddy one, without the domain name)
and mailo.domainkey (for my namecheap one).
Actually mailgun have put them on bold (which I guess it means that we only need to insert the blacked letters but this is not really clear.
The comments in this post help get me all setup with Mailgun, thank you!.
I published a short article outlining the setup at
https://medium.com/@a4word/setting-up-mailgun-on-digital-ocean-bd7d74e501f0#.ryosvs3x7