Setting up Mailgun DNS records - TXT and CNAME conflict issue

I’m trying to set up my Mailgun configuration and running into a DNS problem. Mailgun wants me to create a TXT record for mail.mysite.com containing v=spf1 ... and also add a CNAME record for sender.mail.mysite.com pointing to mailgun.org.

The domain verification went through fine on Mailgun’s end. But now when I try sending emails, some mail servers are bouncing them back saying “Sender address rejected: Domain not found”. I think this happens because mail.mysite.com doesn’t actually resolve to anything - there’s no CNAME record for it since I’m already using that subdomain for the TXT record.

I can’t create both a CNAME and TXT record for the same subdomain. Is there a way to move the v=spf1 content to a different TXT record so I can free up the mail. subdomain for a CNAME instead? This might fix the sender verification issues with strict mail servers.

The bounces aren’t DNS-related. You can definitely have that TXT record on mail.mysite.com with the CNAME for sender.mail.mysite.com - no conflicts there. Had the same delivery headaches setting up Mailgun for a client last year. Usually it’s DKIM alignment failing or your new domain having zero reputation. Test an email through mail-tester.com to check your auth scores. Also make sure your Mailgun webhooks are set up right for bounces and complaints - Gmail and Outlook get picky when that’s broken. Don’t blast high volume right away either. Warm up the domain slowly.

Had the exact same issue with Mailgun 6 months back. It’s not a DNS conflict - you can run that TXT record on mail.mysite.com and the CNAME on sender.mail.mysite.com just fine. Here’s what actually fixed it: check your email headers for the FROM domain. I was sending from [email protected] but mysite.com had zero MX records. Some mail servers do strict checks on envelope sender domains and bounce emails if they don’t resolve. Quick fix: either add a basic MX record for your main domain or change your FROM address to use mail.mysite.com (since that’s already configured). Bounces stopped instantly once I did this.

You’re mixing up two different things. Keep that TXT record for mail.mysite.com with the SPF data right where it is - it’s not causing delivery problems. That “Domain not found” error? It’s probably because your FROM address domain isn’t set up right, not the mail subdomain. Check that your sending domain (whatever’s after the @ in your FROM address) has proper MX records or at least resolves to something. I’ve seen this exact error when people use FROM domains that don’t exist in DNS at all. The CNAME for sender.mail.mysite.com is totally separate and won’t conflict with your TXT record on mail.mysite.com.

The Problem:

You’re encountering email delivery issues (“Sender address rejected: Domain not found”) after configuring Mailgun, despite successful domain verification. You suspect a conflict between a TXT record (SPF) and a CNAME record for the mail.mysite.com subdomain, preventing proper DNS resolution for email sending.

Understanding the “Why” (The Root Cause):

The core issue isn’t a conflict between the TXT (SPF) record and the CNAME record on mail.mysite.com — you can have both. The error (“Domain not found”) indicates a problem with the domain used in the FROM address of your emails, not necessarily mail.mysite.com. Many mail servers perform strict checks on the domain specified in the email’s header (FROM field), verifying that it has properly configured MX records (Mail Exchanger records) to handle incoming mail for that domain. If the domain in your FROM address doesn’t have MX records or doesn’t resolve properly, the mail server rejects the email. The mail.mysite.com CNAME and TXT records are related to authentication and sender verification (SPF, DKIM), but separate from the domain resolution needed for the actual email recipient routing.

Step-by-Step Guide:

  1. Verify the FROM Address Domain: Examine the FROM address you’re using in your emails. Let’s say it’s [email protected]. The critical element here is mysite.com. Check if mysite.com (the domain after the @ symbol) has correctly configured MX records in your DNS settings.

  2. Add MX Records (if necessary): If mysite.com lacks MX records, you must add them. This tells receiving mail servers where to deliver emails addressed to this domain. Your domain registrar (e.g., GoDaddy, Namecheap, Google Domains) or DNS provider (e.g., Cloudflare, AWS Route 53) will have options to add MX records. You’ll need to use the MX records provided by your email provider (in this case, the records related to your Mailgun configuration).

  3. Alternative: Change the FROM Address: If adding MX records to mysite.com is not feasible or desirable, a simpler solution is to change the FROM address in your emails to use mail.mysite.com (since you already have the necessary DNS records for this subdomain). This aligns the domain in the email header with your properly configured Mailgun domain.

  4. Test Email Delivery: After making these changes, send a test email and use a service like mail-tester.com to check your email authentication and deliverability scores. This will provide insights into any remaining issues.

  5. Monitor Bounces: Keep an eye on your email bounce rates. If issues persist, examine the bounce messages carefully for more clues.

Common Pitfalls & What to Check Next:

  • DNS Propagation Time: It can take some time (anywhere from a few minutes to several hours) for DNS changes to fully propagate across the internet. Be patient and allow sufficient time before concluding that the DNS settings are incorrect.

  • Mailgun Configuration: Double-check your Mailgun settings. Verify that you are using the correct API keys, SMTP credentials, and that your domains are correctly verified within the Mailgun interface. Ensure that your DKIM (DomainKeys Identified Mail) and SPF records are properly configured and aligned.

  • Email Authentication: Confirm that SPF, DKIM, and DMARC (Domain-based Message Authentication, Reporting & Conformance) are all correctly set up to prevent email spoofing and improve deliverability.

Still running into issues? Share your (sanitized) config files, the exact command you ran, and any other relevant details. The community is here to help!
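Added example (not part of any post in this thread): a small offline model of the two checks discussed above, the rule that a CNAME cannot share a name with other records, and a strict receiver's sender-domain lookup. The zone contents, the `noreply@` addresses and the MX target are constructed placeholders, and the receiver is assumed to reject when the sender domain has neither MX nor address records; the thread does not say which server bounced the mail.

```python
import copy

# Constructed zone: names follow the thread, record values are placeholders.
ZONE = {
    "mysite.com": {},                                   # nothing published here
    "mail.mysite.com": {"TXT": ["v=spf1 ..."]},         # SPF only, as in the question
    "sender.mail.mysite.com": {"CNAME": ["mailgun.org"]},
}

def cname_conflicts(zone):
    """Names breaking the DNS rule that a CNAME must be the only data at its name."""
    return sorted(name for name, rrsets in zone.items()
                  if "CNAME" in rrsets and len(rrsets) > 1)

def resolve(zone, name, rtype, depth=0):
    """Records of rtype at name, following CNAMEs inside the constructed zone.
    Targets outside the zone (e.g. mailgun.org) are not modelled."""
    rrsets = zone.get(name.lower().rstrip("."), {})
    if rtype in rrsets:
        return rrsets[rtype]
    if "CNAME" in rrsets and depth < 8:
        return resolve(zone, rrsets["CNAME"][0], rtype, depth + 1)
    return []

def sender_domain_check(zone, address):
    """Assumed receiver policy: accept only if the domain has MX, A or AAAA."""
    domain = address.rsplit("@", 1)[-1].lower()
    found = [t for t in ("MX", "A", "AAAA") if resolve(zone, domain, t)]
    if found:
        return f"OK: {domain} has {'/'.join(found)}"
    return f"REJECT: {domain} has no MX, A or AAAA (Domain not found)"

def with_record(zone, name, rtype, value):
    """Copy of the zone with one record added; the original is left untouched."""
    fixed = copy.deepcopy(zone)
    fixed.setdefault(name, {}).setdefault(rtype, []).append(value)
    return fixed

if __name__ == "__main__":
    print("CNAME conflicts:", cname_conflicts(ZONE))    # TXT and CNAME sit on different names
    for addr in ("noreply@mysite.com", "noreply@mail.mysite.com"):
        print(addr, "->", sender_domain_check(ZONE, addr))
    # A TXT record alone does not make a name pass; an MX (placeholder target) does.
    fixed = with_record(ZONE, "mail.mysite.com", "MX", "10 mx.placeholder.example")
    print("after MX ->", sender_domain_check(fixed, "noreply@mail.mysite.com"))
    # Putting a CNAME on the name that already holds the SPF TXT is the real conflict.
    print(cname_conflicts(with_record(ZONE, "mail.mysite.com", "CNAME", "mailgun.org")))
```

Against live DNS the same questions are answered by querying the MX, A and TXT records of whatever domain appears after the @ in the envelope sender.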

check if your mailgun domain is verified - sometimes it shows green but dns hasn’t fully propagated. also double-check you’re using the right smtp creds. I’ve seen folks mix up sandbox vs live keys, which causes this kinda bounce.

i would just leave the spf record as is. no need for a cname for mail.mysite.com. maybe double check your mailgun settings - most of the time, the issue is on their end, not with dns. good luck!
