Setting up Mailgun for ODK Central - problem with DNS settings

I'm trying to setup Mailgun with ODK Central (running on AWS EC2). I tried to follow the instructions but Mailgun is not finding the DNS records.

Instructions on Mailgun show this:

And my DNS settings are as follows:

Note, that I couldn't add the second MX record:

I'm wondering if it might be because I have Central at a subdomain and SSL not setup for the apex domain? (There's no site at the apex domain right now.)
Screen Shot 2020-11-19 at 9.33.04 AM Screen Shot 2020-11-19 at 9.33.33 AM

I don't see anything else wrong with your settings and I don't think this is an issue with SSL. DNS records can take up to 24 hours to update so you might just have to be patient.

You don't need the MX records for Mailgun to verify the domain and I haven't run into problems leaving them out. Not sure why you can't add two MX records. Maybe a limitation of Google Domains?

Ah, when adding the first MX entry (or going to edit it after), you have to go to click the little + sign. You don't add a separate MX entry.

It's been almost a week (I started this process and then was distracted by other things when I ran into the issue). Hmm... I'll poke around a bit and see if there's something else I might try.

dropping the domain from the Name got it to work correctly.

Checking with https://www.mail-tester.com/ I got a score of 6.7/10 and "Not bad. Some inboxes might still refuse you." I added a DMARC record per their recommendation.

It took about 5 minutes for an email to a Gmail account to show up. Some time after Mailgun showed the email as delivered and accepted. An email sent to an organizational Outlook account (before the Gmail email was sent) still hasn't shown up.

IT said to login at https://protection.office.com/quarantine and check for the emails there. But there's nothing in the list.

1 Like

I'm also seeing some deliverability issues with Microsoft-powered mail servers accepting, but not delivering the password reset messages (but delivering the password change messages that have no links). Does your IT have any visibility into those messages beyond what is typically show in the quarantine UI?

Tried again randomly and a password reset email came through. But a new account for a colleague didn't result in them getting an email. I had previously added the domain to my "Safe senders and domains" list in Outlook - so I wonder if it just took some time for that to take effect and it was the factor that let me get it now. No luck yet in finding someone in IT who might shed light on this.