Score:1

Gmail account with custom domain can send emails to Outlook accounts but cannot receive emails from them

eu flag

I set up a custom domain autoinfo.cl at Gmail with Route53 AWS. I followed all the instructions described in Google Workspace to set MX records in DNS Manager.

Gmail account works fine to send and receive emails to any other gmail account, but for Outlook or Hotmail accounts only emails can be sent. When I try to send an email from my @outlook.com or @hotmail .com account to any account with the domain @autoinfo.cl I get the following message in the Outlook account:

....

Generando servidor: DS0PR19MB7298.namprd19.prod.outlook.com Servidor de recepción: DS0PR19MB7298.namprd19.prod.outlook.com

[email protected] 10/24/2022 9:47:48 PM - Server at DS0PR19MB7298.namprd19.prod.outlook.com returned '550 5.4.312 Message expired, DNS query failed(ServerFailure)'

....

I don't understand if I need to add another configuration or what is the problem itself, because as I said the domain works fine for any gmail account.

Best regards.

Marco Vivar De La Cruz avatar
eu flag
@anx So you tell me that the problem is a misconfiguration with the DS records? In any case, it is rare that it only affects Microsoft messaging services. I will try to communicate with the service that provides the domain to deactivate the DS records.
anx avatar
fr flag
anx
I see confusion around DNSSEC as a strong indicator of something having gone wrong, something for which a detailed plan of responsibility for continued maintenance and procedures for changes should have existed. You may be facing more than this particular technical problem, but rather an organizational problem that will manifest in other areas as well.
anx avatar
fr flag
anx
It is unsurprising to have badly broken DNSSEC affect only part of your electronic mail. There are mail operators that completely disregard the fact that those records should have been signed. Also, depending on configuration, some provider-internal mail routing will not need to depend on MX lookups altogether.
Marco Vivar De La Cruz avatar
eu flag
@anx Thank you very much, I contacted the provider to delete the DS records and everything worked correctly :).
Score:1
eu flag

As evident from looking up the domain using DNSSEC-aware software, the problem was that there was an old configuration that had not been updated and meant active DS records were still published in the parent zone, yet the records are no longer signed.

At the time of deleting the DS records everything worked correctly, now including providers that do validate their lookups.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.