Netlify DNS connetion for domain and custom email

Hello, I am having some issues with my website, and I am not able to understand why hence how to fix them.
Site name: apexmanagement.netlify.app
Site domain: https://apexbuildingandmanagement.com.au/
Domain Provider: Crazy Domain
Email Provider: Microsoft 356 Business Basic Plan
Website Stack: Angular + Emailjs (using this to send the form date from my website to the custom domain email)
Deploy type: Manual

Issues:
I am encountering 3 issues:

  1. I deploy the website, this goes well. Then when I try to open the website with the custom domain it gives (sometimes) 403 error:
    You don’t have permission to access this resource.
    Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
    But sometimes, when it loads the website, if i refresh the page it shows the error pop up of: “Page not found, go back to website”.
  2. Domain Connection. I have added the name servers to crazy domain. The connection seems to be fine but I dont understand why the errors I decribed above.
  3. I want to use a custom domain with outlook. I have connected the spf, cname, and mx, i wanted to connect the dkim but neltify doesnt seem to provie this type. I have been runnin this command to see how the propagation is going and the answer i get:
    nslookup -type=mx apexbuildingandmanagement.com.au

Server: x
Address: x

Non-authoritative answer:

apexbuildingandmanagement.com.au mail exchanger = 0 apexbuildingandmanagement-com-au.mail.protection.outlook.com.

Authoritative answers can be found from:

However when i test the connection sending an email thru emailjs i get the following:
412Outlook: A participant without an email address is not allowed for ReplyTo property.

Thank you!

This isn’t an error from Netlify. This reads like the default error message on an Apache server. Does this happen on multiple devices or just one?

apexbuildingandmanagement.com.au is using Netlify DNS and appears correctly configured.

A DKIM is a TXT record.

While there are both SPF and TXT the SPF record type is rarely used and SPF records use TXT instead. You can leave this TXT

$ dig apexbuildingandmanagement.com.au TXT
apexbuildingandmanagement.com.au. 4502 IN TXT	"v=spf1 include:spf.protection.outlook.com -all"

and unless Microsoft 365 requires it, remove this SPF

$ dig apexbuildingandmanagement.com.au SPF
apexbuildingandmanagement.com.au. 4502 IN SPF	"v=spf1 include:spf.protection.outlook.com -all"

And I can see the MX record

$ dig apexbuildingandmanagement.com.au MX
apexbuildingandmanagement.com.au. 4502 IN MX	0 apexbuildingandmanagement-com-au.mail.protection.outlook.com.

Propagation does take time read: [Support Guide] Why do DNS / SSL changes take up to 48 hours to propagate? (TTL)

Thank you for your answer.
To your response: This isn’t an error from Netlify. This reads like the default error message on an Apache server. Does this happen on multiple devices or just one?
Yes, the same error appears in different devices. But that isn’t the only error. what also happens is that when the site loads. And i refresh the page, it give an error from Netlify. (View images of the two erros i encounter when loading the page)

About the email connection. I understand, I will remove the SPF and leave the others.

Thank you!

The error on the left it an Apache-style error message. This I cannot explain outright. Possibly the DNS of that computer system or network is stale. It may need flushing/rebooting to clear.

The error on the right is a Netlify error message. This error is showing because the site is built as an SPA (this is likely unnecessary; a purely static HTML/CSS/JS non-SPA site would suffice.) The solution to this is in

Related documentation is Rewrites and proxies | Netlify Docs

Hi, @micapiacenza. It look like you are running into issues with the previous DNS records sometimes being returned due to time to live (TTL) issues as mentioned above. I don’t think the 403s are from Netlify but are instead coming from some previously used service.

About getting the email to work again, there is a support guide about this here:

There are three solutions in that section above. I would recommend solution 3 in this situation. Revert back to your registrar’s DNS service and then use the external DNS instructions instead:

If there are any questions about that solution or the other two (whichever you are most interested in), please let us know.

Hi, thank you for your reply, it has been very helpful. I was just wondering if I could connect DKIM with Netlify. When I go to add a new record doesn’t seem to have that option? At this point, the MX, TXT and CNAME connection from Netlify seems to be correct.

DKIM is not a record type. You need a TXT record and paste the DKIM value in there.

Okay, thank you for clarifying that. So I have two host for DKIM. I would add a record of type TXT for each host? SO in summary, this is what i have to connenct and the types for Netlify:

MX Record - Record type in netlify: MX
Host: apexbuildingandmanagement.com.au
TTL: default
Value: x

CNAME Record - Record type in netlify: CNAME
Host: x
TTL: default
Value: x

SPF Record - Record type in netlify: TXT
Host: x
TTL: default
Value: x

DKIM Record
Record type in netlify: TXT
Host: selector1.x
TTL: default
Value: x

Another Record type in netlify: TXT
Host : selector2.x
TTL: default
Value: x

Yeah, you need to add 2 records, each for the mentioned host with its value.

1 Like