Hi, I am trying to setup my dns to be used for email on iCloud. I run into an issue with SPF, even though I have tried setting it up as a TXT and another time as SPF.
iCloud instructions say to set the value as ““v=spf1 redirect=icloud.com”” so I tried with and without the quote marks.
Hey, I’m having the same issue - did you use single quotes or no quotes at all? Everything I’m trying seems to throw the same “Check your SPF record” issue with Apple. Thanks!
It takes time for DNS records to propagate—anything up to 48 hours—so you may just need to wait a little longer.
If you are still having issues, can you provide the domain you are setting these records for.
v=DMARC1; p=reject; exact value TXT 3600 _dmarc.<your.domain> sig1.dkim.<your.domain>.at.icloudmailadmin.com. exact value CNAME 3600 sig1._domainkey.<your.domain> v=spf1 include:icloud.com ~all exact value TXT 3600 (already mentioned) apple-domain=<id> exact value TXT 3600 (I was able to do this from my phone and netlify DNS console on my desktop).
Hey did you ever fix this problem? I fixed by SPF by using the TXT after realizing the apple instructions created a depricated error which is good–I like that, one problem solved.
Now, I’m getting “Verification code cannot be found in domain” after tapping “Records are Updated” in Apple’s iCloud+ Customer Email Domain Setup menus–all I can do is dismiss the dialog prompt and left with no other recourse. Now seeing that “CNAME” record is not propogating on DNS Checker. So that could be an issue, but all instructions have been verified by chatGPTs image reader via copy-pasted instruction sets.
Anyone have an answer? Pretty sure I’m getting close to or over the 48hr mark, and obviously a TTL time of 1hr or less isn’t going to assist in this process, going to leave my settings and records the way they are.
Hi, @domaincarpenter. Netlify’s support team (meaning my colleagues and me) can assist with debugging Netlify’s services including our DNS service. However, we cannot debug iCloud.
If there is a DNS record not working, please let us know what DNS record that is. However, if the iCloud verification isn’t working, we don’t have any way to debug that as we have no access to those systems to do so.
Most of it’s unrelated to adding the custom email domain–although today with the ios17.3.1 they’ve moved the menu for assigning the custom domain.
Aside from that, I’m just looking at getting this domain working corecontracting.pro, CNAME–not propgating, mx–IS propogating (Globally), TXT- IS propagating (Globally–aside from UK 37.209.219.30)
I do have one error:
SOA Serial Number Format is Invalid dns1.p01.nsone.net reported Serial 1707331165 : Suggested serial format year was 1707 which is before 1970
Not sure how you would encourage users to avoid this in the future–seems like an error on my part? Going to keep debugging here.
The serial number is the time of last modification to the zone’s data file expressed as the number of seconds since the UNIX epoch. This method is used by default in the djbdns suite.[7] Although it uses a 32-bit counter, it is not susceptible to the year 2038 problem due to the effect of serial number arithmetic.
So 1707331165 is the timestamp which you can use Epoch Converter to decipher.
Again, the only CNAME is working when I test. If there is another CNAME not working for you (or if this domain name isn’t working for you), please let us know the exact domain name which was created but isn’t working.