Sendgrid "Sender Authentication" on Azure - azure

I have an Azure SendGrid account that works great. I can send e-mails no problem with the usual API. I need to setup Sender Authentication (2 reasons, first it will help with receiver finding it in their junk and more importantly it will allow me to setup an Inbound Parse).
I have consulted the Sendgrid Documentation (https://sendgrid.com/docs/User_Guide/Settings/Sender_authentication/How_to_set_up_domain_authentication.html), which has explicit instructions, which involve DNS Records (more soon), but unfortunately this isn't working. I have also gone through their troubleshooting. I think it may be an issue with my domain actually being a sub-domain, but I can't figure out how to fix the DNS records to make it work.
I have a "DNS Zone" setup for my site, lets call the site "fake.azurewebsites.net".
Sendgrid instructed me to add the following CNAME records (numbers are scrambled):
em1879.fake.azurewebsites.net > u7381760.wl261.sendgrid.net
(..as well as two others)
So I made those records, and waited over 48 hours for DNS refresh, but Sendgrid will still not verify. I get the error: Expected CNAME for "em1879.fake.azurewebsites.net" to match "u7381760.wl261.sendgrid.net". I also tried their troubleshooting and wasn't able to get an "answer" using the DIG command. I am not using whitelisting or any of the other features that are known to interfere.
In all the documentation, the records usually take the form:
em1879.usersDomain.com and not em1879.userSub.Domain.com, so that could be part of the issue, but I could of course be missing something.

I wanted to copy the answer that I got from Microsoft Tech support. Based on #mdeora comment, I contacted Azure and below was the response. It seems that the SubDomain is the problem, but only specifically for these azurewebsites.net subdomains, it may work fine for other subdomains if you can setup delegation.
"I suspect a delegation issue.
As I understand it, you have created a DNS zone name 'geic.azurewebsites.net'. This has been assigned name servers in Azure DNS (e.g. ns1-08.azure-dns.com etc). You have then created a DNS entry 'em8849' of type CNAME.
The problem is that there is no DNS delegation in place from the parent DNS zone to your DNS zone. In this case, the parent DNS zone is 'azurewebsites.net'. This is owned by Microsoft, and they do not support customers setting up delegations from this domain.
You should:
Purchase your own domain name (e.g. myapp.com). You can do this using the App Service Domains service in Azure (currently in Preview). See https://azure.microsoft.com/blog/app-service-domain/
Create a corresponding DNS zone in Azure DNS
Set up DNS delegation for your DNS zone. See https://learn.microsoft.com/azure/dns/dns-delegate-domain-azure-dns
Create your DNS record. For a Web App, use either a CNAME to the 'xxx.azurewebsites.net' or an A record directly to the site IP address.
For Web Apps, you will also have to register your domain name as a custom domain for the Web App. See https://learn.microsoft.com/azure/app-service/web-sites-traffic-manager-custom-domain-name
If you use App Service Domains to complete step 1, then steps 2 and 3 should be completed for you, automatically.
Good luck!
Jonathan (www.opsgility.com)"
Proposed as answer by Jonathan TulianiModerator Friday, June 15, 2018 9:00 AM

For me, the problem was that Azure automatically includes domain name in the records: Sendgrid asks to add a CNAME record "s1.domainkey.yourcustomdomain.com"; You shoudn't include ".yourcustomdomain.com" in the name because azure automatically includes it. You can check that by editing a record and seeing that it ends up as: "s1.domainkey.yourcustomdomain.com.yourcustomdomain.com". So the record should be only: "s1.domainkey";
It worked for me, but i have a custom domain acquired from azure; maybe it works for azurewebsites subdomains, i'm not sure.

Related

Firebase template domain verification and firebase hosting at the same time seems to fail

I'm after having associated a custom domain for firebase hosting and firebase dynamic links, I was trying to setup a custom domain for authentificatio email templates. However verification for the authentification fail.
I'm using Namecheap for the DNS configuration.
Is it because the cname and # directive conflict one with each other ? I chose a subdomain for the authentification template mail:
Information is DNS servers is public information. Trying to answer what is wrong is very hard when you hide the information required.
Go to Google Domains Is your domain verified in Google Domains? If not complete that step first.
The CNAME resource records appear correct.
Most likely the last two TXT records are wrong. I am guessing that you are using something like app.example.com. The managed zone is example.com. The host is app. Your TXT records should only have *app without the managed zone example.com.
After you modify DNS server resource records be prepared to wait. Firebase will say up to 48 hours.
If my answer does not solve your problem you will either need to disclose your DNS server resource records or find someone that understands DNS to help you.

DNS Transfer from Plesk Domain Controller to Azure

Good Afternoon,
after 2-3 Days trying to move my Domain from a Webhoster to Azure, i need your Help.
My actual Webhoster has Plesk. Over Plesk i can access and change all the DNS Entrys.
https://learn.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns
Based on this Walkthrough i'll have created 4 Entrys at my actual WebHoster and the Verification of the Domain is allright. When i run the command
nslookup -type=SOA #mydomain# i see a azure dns.
https://learn.microsoft.com/en-us/azure/app-service/manage-custom-dns-migrate-domain
After that i wanted to create a Test App in Azure. Based on the above Walkthroughs i managed to set my Custom Domain for my App Service. I made this Settings at my old WebHoster and in my newly created DNS-Zone in Azure.
So far so good. So I have deactivated the local DNS Service in Plesk in order to move on to Azure that should manage my DNS now. So i'll have deleted the Custom Domain in my App Service and created it again but this time it should point to my Azure DNS. But in the Creation Dialog of Creating a Custom Domain it tells me that im not the owner of the Domain.
Im confused and floating somwhere in the Dark. Could some guys point to the right direction. Do i have to do additional Entrys in the Azure DNS?
I hope someone can understand my bad Descriptions :).
Thanks for every help
After you host your domain in Azure DNS, you only need to manage your DNS entry in the Azure DNS zone.
Thus, in the step of migrating an active DNS name to Azure App Service, you can create domain verification records in the Azure DNS zone.
Then you also need to add the custom domain to the web app and remap the active DNS records via A or CNAME record following that steps in the document.
Thanks Nancy for the answer.
i could solve the Problem. I found this ?-Button in Plesk that let you test the DNS-Zone on the Nameserver. There was an ip poping up that does not belong to an A-Reccord. But the weird thing is thtat this Ip-Adress also did not belong to the App-Service IP.
But as soon as i added this Ip everything went fine and is working now.
Thanks

Azure CDN connect custom domain

I have static website on azure storage, it's connected to azure cdn to have https, and i have my custom domain folla.com.pl I want this domain to point to https://companywebsitecdn.azureedge.net/ which is address of my website on azure cdn. I chose custom domain on cdn configuration site, it asks me to make dns mapping to verify ownership, so i make CNAME cdnverify.folla.com.pl to cdnveriy.companywebsitecdn.azureedge.net and it get me to other window with custom doamin https config. And here's my problem, it get's stuck on second step
How I'm suppouse to configure another mapping to make it work, what i mean is to make folla.com.pl to point to https://companywebsitecdn.azureedge.net/ with https. I can't proivde what i already tried with my dns because it was a lot and i don't remember all of it. Also it's already second try and everytime after failure I have wait 8 hours for another try. Thanks in advance
This is my DNS config
When you try to add your custom domain folla.com.pl in the custom domains settings of Azure CDN endpoint. Before this step, you should have a CNAME record in the following format in the DNS zone.
When you turn on the custom domain https, you don't need to make a CNAME cdnverify.folla.com.pl to cdnveriy.companywebsitecdn.azureedge.net. Read here.
If that CNAME record still exists and does not contain the cdnverify
subdomain, the DigiCert CA uses it to automatically validate ownership
of your custom domain.
If the CNAME record entry contains the cdnverify subdomain, follow the rest of the instructions in this step.
DigiCert sends a verification email to the following email addresses. Verify that you can approve directly from one of the following addresses and read here.
admin#<your-domain-name.com>
administrator#<your-domain-name.com>
webmaster#<your-domain-name.com>
hostmaster#<your-domain-name.com>
postmaster#<your-domain-name.com>
Automatic validation typically takes a few hours. If you don’t see your domain validated in 24 hours, open a support ticket.

Add Custom Domain in Azure blob storage

Error creating Custom Domain in Azure
Hi, I am trying to link a custom domain to my static website that is located on my blob storage account. When creating the custom domain these are the azure instructions "Create a CNAME record with the DNS provider that points the domain (eg, www.contoso.com) to blobstorage.blob.core.windows.net or blobstorage.z13 .web.core.windows.net and then specify your domain. This method is simpler, but causes a short downtime while Azure checks the domain registration. "
In my godaddy account I have created a new CNAME record as follows Type: CNAME, name: www.mydomain.com, value: blobstorage.z13.web.core.windows.net.Y when trying to specify the custom domain in azure (mydomain.com) generates the following error: "Could not update storage account 'XXXX'. Error: The custom domain name could not be verified. CNAME mapping from mydomain.com to any of ..... does not exist "
I do not understand what I am doing wrong, I am very new in the subject and I really appreciate the help you can give me. Thank you very much
Be sure you have the CNAME record set correctly in the DNS settings for your domain name, then give it some time to update. DNS doesn't update immediately, it can take some time for the update to sync through all the DNS server between your registrar and Azure or your local ISP. This is especially the case when you test and it fails, then you need to wait at minimum the TTL (time-to-live) time that is set on the DNS records updated before you'll be able to test again.
On an aside, I'd recommend setting the TTL on the DNS records to 1/2 hour, then when everything's working you can go update it to a longer TTL. This will help when you need to update things and retest again to get it working.
I could already make the configuration I was looking for by configuring a CDN. this is the link learn.microsoft.com/en-us/azure/storage/blobs/… Thanks everybody fot your answers and comments –

Delegate to Azure DNS Zone broke the site

I was attempting to do something else and obviously did not know that the "Delegate to Azure DNS Zone" would break my site. Because after I clicked the button, my site no longer can be displayed. I immediately removed this but it is still unable to be displayed. Can anyone fill me in on what I need to do to make this work again? Happy to provide more information just not sure what else you may need to help. I purchased the domain through Azure about a year ago.
If I understand correctly, you bought the domain one year ago and your domain is hosted by GoDaddy(your domain registrar, where you bought domain through Azure portal). It means requests to your site is resolved by name servers provided by GoDaddy after then.
When you use "Delegate to Azure DNS", those name servers will be replaced by ones provided by Azure. (If you didn't do any similar settings except clicking one button, that means operations are finished through one click.)
So your site is lost for the moment due to the change of name servers. As #juunas said, DNS propagation may take some time(Up to 48h but usually faster).
You may also need to check, whether your DNS record in DNS Zones and your Hostname bindings are changed or removed by the delegation operation.
Hope it helps.
If the problem can't be solved, you can show us:
Where is the button on your site
How do you remove this settings
DNS records and hostname bindings

Resources