It's a rather odd approach TBH - most (responsible) websites that want to collect an email address verify it by sending an email with a URL in, which gives you end-to-end verification that it goes to the right place.For that you don't need to mess around with DNS at all - just use the local MTA. Our mail domain is hosted at where we use Office 365 services and don't have a website under the mail domain at all. ; New configuration you need ; (IP address does not matter but you might need to avoid private IP address range) dummy.a4 Now boulder only checks A records (not MX records and AAAA records either! AAAA [somev6IP] To clarify, not trying to validate for a cert with this email domain, just trying to register an account from a client with it. After some bug reports from people whose mail domain had an A but no MX, I naively changed it to check the A record, assuming any domain with an MX would also have an A.

what is validating mx record-3what is validating mx record-27

While trying Let's Encrypt closed beta, I found that my email addresses (I host) are not accepted. If this is not working, something might be wrong... ) which causes several mail address verification failure. As we see here, that assumption is not correct, so we will make a fix to check both.

I modified the client and got following Python exception information while registering an account (mail address in this example is not real though). After adding dummy A record, the account registration has succeeded. ; Example for [email protected](BIND format) ; ; Existing configuration dummy.a4 According to RFC 5321, both MX (mail exchanger) and A/AAAA (address) records must be checked. The older RFCs stated this, but the most recent one(s? Actually some pretty big mail deployments will just refuse to deliver mail to domains without a MX.

This may be a matter of propagation on the DNS system or the entry may have been done incorrectly.

These sites can also be used to verify the TTL (time to live) value for the existing TXT record.

If you have purchased the services directly you may be using a secondary account that has not been given permissions to Manage Domains.

This User Role would need to be added under Administration User Management using the primary login.

It will be pushed to production sometime next week.

If there is no result then the DNS servers responsible for your domain have not published the record yet.

The domain is stuck in inactive state and under MX records it shows ‘Update Now’ Please change the MX Records to what the wizard has specified.