iCloud custom domain for email - DMARC/SPF/DNS

I have worked on moving my email domain from google to iCloud using a custom domain, but I want to finalise the setup, iCloud keeps returing two DNS errors. I am pretty sure I have correct records, but when iCloud tries to verify the DMARC/SPF setup, I get different error message search time. It switches between "Check Your TXT record" and next time I try to verify, iCloud returns "Check your SPF record". It was been the same behaviour for the last 12 hours and I am sure my zone I populated.

Anyone who have the same experience ?

[mic@tux ~]$ host -tany therealm.dk therealm.dk has SOA record ns1.quickdns.dk. hostmaster.quickdns.dk. 2021100128 14400 7200 2415600 3600 therealm.dk has SPF record "v=spf1 redirect=icloud.com" therealm.dk mail is handled by 10 mx01.mail.icloud.com. therealm.dk mail is handled by 10 mx02.mail.icloud.com. therealm.dk descriptive text "apple domain=i1UB7SLahTJkU56g" "" "" "" therealm.dk descriptive text "v=spf1 redirect=icloud.com" "" "" "" therealm.dk name server ns3.quickdns.dk. therealm.dk name server ns2.quickdns.dk. therealm.dk name server ns4.quickdns.dk. therealm.dk name server ns1.quickdns.dk. [mic@tux ~]$

have you tried to put the TXT values inside quotes? Some dns management portals does it automatically and some doesn’t.

Same issue to me. I got the spf configured as specified by Apple Assistant but I get an SPF error when trying to complete the configuration and I also get a « no DMARC record found » by using https://mxtoolbox.com/

Did you ever resolve this? I have something similar...

I have the same issue, check your SPF record even though it's correct and populated down from my nameservers. Have tried the record with quotes, no quotes, nothing seems to work.

I was having the same problem. My domains are registered on cloudflare.com so my solution may be specific to their setup. The solution is I had to disable proxy status for CNAME(which was used for adding the sig1._domainkey) and It was accepted by cloud after that.

As of 2022-04, they recommend setting "v=spf1 include:icloud.com ~all", so which is bit different than the redirect= variant from original report. I am not sure if this changed or if both are ok but worth mentioning.

Absolutely the same thing: "v=spf1 include:icloud.com include:mailgun.org include:_spf.google.com ~all"

Has still no one figure this out?

What had worked for me, was putting both TXT in ".." (contrary do implementation guide, that suggested such only for SPF)

Good luck! W.

iCloud custom domain for email - DMARC/SPF/DNS
 
 
Q