iCloud custom domain setup

I

Imitchener

New Member
Has anyone been able to get this working with a free Zoneediit account?

I have setup a subdomain under my main domain.

Added the required TXT records for the subdomain with no problems. Same with MX records.

One question and one issue which may or may not be related.

Question when setting up subdomain what should I enter for the I.P. address? I presently have set to PARK as I do not intend the subdomain to be used for anything other than email.

Now the problem. As far as I can tell the C Name for the subdomain DKIM is set to the value given in the setup instructions sent by iCloud but iCloud can not complete setup. Error says check DKIM setting.

I have tried setting DKIM as a C Name as stated in the setup instructions. Also using TXT entry to setup the C Name.

I have spent hours trying to get this to work. Any suggestions welcome.
 
sandy

sandy

Administrator
Staff member
Hi there. can you please reply with the domain name of concern and I will be happy to assist.

regards.
 
sandy

sandy

Administrator
Staff member
hi there.. ok so what I see here is in the MX you have the host as mail.themitcheners.ca so what that means is you are setting up email for something@mail.themitcheners.ca .. was that your intention?
 
sandy

sandy

Administrator
Staff member
Most likely the txt records and A record shouold have the host as the @ sign and not mail... then delete the MX record pointing to local.. if you want to run mail for something@themitcheners.ca through Icloud as the email services provider.
 
I

Imitchener

New Member
sandy said:
Most likely the txt records and A record shouold have the host as the @ sign and not mail... then delete the MX record pointing to local.. if you want to run mail for something@themitcheners.ca through Icloud as the email services provider.
Click to expand...

At present I was hoping to setup mail.themitcheners.ca on iCloud mail to see how it works and leave my existing email maps for @themitcheners.ca in place as these addresses are used by other family members.

I have done a bit of digging and have found something weird which I think may actually be causing the problem.

I set up C Name records test under themitcheners.ca. and under mail.themitcheners.ca. Neither of the C Name entireties appear to be propagating to DNS.

See my attached screen shots of nslookup. The last set of results were made using name server dns0,zoneedit.com. Surly your DNS servers should have resolved pretty much right away. In fact my initial mail.themitcheners.ca results were using DNS server 1.1.1.1 and run after first removing the .mail subdomain making sure it was gone then re-adding that same domain. So your name servers are in fact uprating the public DNS reasonably quickly. I was able to confirm update speed by adding the text entry test to subdomain mail which in fact showed up with nslookuo using name server 1.1.1.1 pretty much right away.

Something else I just noticed although this may be normal so made no changes.

I noticed the name servers for my domain are ns14.zoneedit.com and ns2.zoneedit.com and both show up on nsllokup results both show as name servers for my domain but if I set ns2.zoneedit,com as the name server to use for nslookup result is can't find themitcheners.ca, Trying to set nslookup to use ns14.zoneedit.com gives Can't find address for server for server ns14.zoneedit.com: No response from server.

See second image below.

Hopefully this information can help solve my issue.
 

Attachments

  • results.jpg
    results.jpg
    103.7 KB · Views: 2
  • results2.JPG
    results2.JPG
    36.8 KB · Views: 2
Last edited:
sandy

sandy

Administrator
Staff member
dns0 is our unpublished primary its never delegated to a domain name.

lookups are fine for me at present:

dig @ns2.zoneedit.com a themitcheners.ca

; <<>> DiG 9.10.6 <<>> @ns2.zoneedit.com a themitcheners.ca
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48348
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;themitcheners.ca. IN A

;; ANSWER SECTION:
themitcheners.ca. 6000 IN A 206.163.255.127

;; Query time: 29 msec


and on a Google public server:

dig @8.8.8.8 a themitcheners.ca

; <<>> DiG 9.10.6 <<>> @8.8.8.8 a themitcheners.ca
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25104
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;themitcheners.ca. IN A

;; ANSWER SECTION:
themitcheners.ca. 6000 IN A 206.163.255.127

;; Query time: 27 msec

____________________________

Cnames as well:

> dig @ns2.zoneedit.com cname test.mail.themitcheners.ca

; <<>> DiG 9.10.6 <<>> @ns2.zoneedit.com cname test.mail.themitcheners.ca
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20785
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;test.mail.themitcheners.ca. IN CNAME

;; ANSWER SECTION:
test.mail.themitcheners.ca. 600 IN CNAME bing.com.

;; Query time: 28 msec


and...


dig @ns2.zoneedit.com cname sig1._domainkey.mail.themitcheners.ca

; <<>> DiG 9.10.6 <<>> @ns2.zoneedit.com cname sig1._domainkey.mail.themitcheners.ca
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62261
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sig1._domainkey.mail.themitcheners.ca. IN CNAME

;; ANSWER SECTION:
sig1._domainkey.mail.themitcheners.ca. 600 IN CNAME sig1.dkim.mail.themitcheners.ca.at.icloudmailadmin.com.

;; Query time: 32 msec



: do you have any explicit Icloud instructions you cabn send in?
regards.
 
I

Imitchener

New Member
Strange thing is it suddenly started working later in the evening! I thought that possibly someone else at your end saw my post and worked some magic. The settings I put back in place were identical to what I had done before for the c name.

On the plus side I now know much more about DKIM and the capabilities of nslookup than I did before.

Thanks for your help and patience with my problem. Guess it’s one of those things we will never really know the root cause of.
 
I

Imitchener

New Member
Strongly yes. With all the settings which I was originally struggling with.

Before I retired I had 20 plus years in IT and often gave up trying to explain the unexplainable... Maybe a full moon thing? Lol

Again thanks for the help plus thanks to whatever "Higher Power" than us decided to fix it.

Have a great day and feel free to share my praise for you with your manager and tell him to buy you a coffee on me.

Ian
 
sandy

sandy

Administrator
Staff member
:) thanks for the kind words... oh.. the industry standard now uses the term "Gremlins".. and if thats not convincing enough the back up is Solar Flares :)

thankd and take care
 
You must log in or register to reply here.
Top