4

I have a domain (qplum.co) set up at NameCheap. I am trying to set a TXT record for setting up SPF for Mandrill but for some reason, this record is not being detected at all by any of the tools.

This is how my DNS settings look like in NameCheap's control panel (@ means none, or the bare domain "qplum.co"):

@ CNAME qplumLB-804948472.us-east-1.elb.amazonaws.com.

@ TXT v=spf1 include:spf.mandrillapp.com mx ~all

mandrill._domainkey TXT v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb--trimmedAB;

None of the online SPF tools (or command line tools such as dig or nslookup) are able to detect the SPF record (or any other TXT records). This SPF validator tool gives the following error: "Results - Permanent Error Void lookup limit of 2 exceeded". The strange thing is that Mandrill recognizes the DKIM but not the SPF record.

What am I doing wrong?

curiousboy
  • 183
  • 1
  • 5

1 Answers1

4

You used a CNAME for your zone apex, thus all other records for the domain are being ignored. If you actually want to place other records in the zone, you cannot use a CNAME at the apex.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
  • 2
    Apex CNAMEs are second in line to the devil! The devil is apex CNAMEs themselves. – Wesley Feb 13 '15 at 07:10
  • Ok, got it. I changed the record type from CNAME to A and gave an IP of one particular EC2 instance and it seems to work. All traffic on qplum.co will be handled by one single EC2 machine though, which is less than ideal. – curiousboy Feb 13 '15 at 07:32
  • @NileshTrivedi To fix that problem, [follow these directions](http://serverfault.com/a/576469/126632). – Michael Hampton Feb 13 '15 at 07:38