DNS problems setting up TXT record for Exchange Server

kcroy

Member
Jul 21, 2012
16
2
53
cPanel Access Level
Reseller Owner
Hi,

I'm setting up DNS records on my VPS so I can use my domain with a Microsoft Exchange Server. I have successfully added the MX and CNAME records, but am having issues with the TXT SPF1 record.

I have entered the TXT Value

dns settings.jpg

But I am getting a failed notice from Outlook:


dns failed.jpg

When I look at the DNS via mxtoolbox, I get this error: Invalid syntax found, and It shows me:

TXTMYDOMAIN.com4 hrsv=spf1include:spf.protection.outlook.com-all

Session Transcript:


LookupServer 62ms
1 l.gtld-servers.net 192.41.162.30 NON-AUTH 0 ms Received 2 Referrals , rcode=NO_ERROR MYDOMAIN.com. 172800 IN NS ns1.MYNAMESERVER.com,MYDOMAIN.com. 172800 IN NS ns2.MYNAMESERVER.com,

2 ns1.MYNAMESERVER.com 166.62.88.198 AUTH 62 ms Received 3 Answers , rcode=NO_ERROR MYDOMAIN.com. 14400 IN TXT v=spf1include:spf.protection.outlook.com-all,MYDOMAIN.com. 14400 IN TXT google-site-verification=XmXDnPVaOcPtpYRDi6UoKO8GgJ0OYkFmxYktUrMZ24U,MYDOMAIN.com. 14400 IN TXT MS=ms40379324,

I have tried entering the SPF value any number of ways - with quotes, without, with spaces, without - and WHM reshapes it without spaces. So there is that difference. Additionally, the TTL should be 3600, but it's showing as 14440.

I'm at a loss - any help appreciated.
 
Last edited by a moderator:

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,266
1,304
363
Houston
The error indicates that the SPF record isn't found for the domain, this would indicate that they've not been added where DNS for the domain is hosted or you've not allowed enough time for propagation. If you're able to view the record on MX Toolbox it could be an issue with propagation on Microsoft's side but I can definitely say if you're adding the record as follows:

Code:
 v=spf1 include:spf.protection.outlook.com -all
It is valid.
 

kcroy

Member
Jul 21, 2012
16
2
53
cPanel Access Level
Reseller Owner
Thanks, I'm glad I'm not going crazy or something.

The MS Server was able to check and confirm very quickly, they are querying my name servers directly. If I make a change, they are picking it up instantly. With that said, today MXToolbox says it is fine.

TXTMYDOMAIN.COM4 hrsv=spf1include:spf.protection.outlook.com-all

But I'm still getting error from MS. I'm going to try calling a support number and see how far I get.

Do the lack of spaces matter? Why isn't a more recent TTL showing up ( it should be 1 hour ).