Jump to content

OX App Suite Email Not Authenticating

Isaac Asher

Recommended Posts

Recently installed OX App Suite again (I LOVE it!!) but whenever I send an email to a Microsoft 365 account, it shows a question mark next to my name and strips out all the html link functionality.  After a bit of research, I think it has something to do with the way the DNS is set up and preventing spoofing.  According to the Microsoft docs, it seems that my OX App Suite email address is not authenticated in the way that Microsoft expects.  Could not find good documentation on how to correct this issue.  Seems Microsoft thinks OX App Suite emails are spoofed and I'm not sure what can be done to correct this without breaking OX App Suite.  

Does anyone know if there is an additional DNS entry that would correct this issue (or some other fix)?  

Edited by Isaac Asher
Link to comment
Share on other sites

Hi @WHMCS John! You've bailed me out of many sticky situations in the past.  Always appreciative!

I checked the DNS on that domain and found that I have the same DNS entry as installed by the OX App Suite setup script.  There are a few differences, however.  The TTL on my entry is 14400 whereas the example showed 3600.  The name on my entry shows the domain name and TLD, whereas the example says to use an at-sign or blank.  

I tried to change the name to blank and cPanel said the field is required.  Tried to use an at-sign and it said it was an invalid character.  Can only be alphanumeric.  No choice but to leave the Name setting to what it originally was (my domain with TLD).  Was able to change TTL from 14400 to 3600 without issue.  Sent another email and same results; grey question mark and links disabled. 



Link to comment
Share on other sites

  • 2 weeks later...
  • WHMCS Support Manager

Hi @Isaac Asher,

I've updated the SPF article with a sample SPF record from cPanel.

It took me a while, but I managed to dig up an explanation of the question mark icon you were seeing in O365 and its meaning: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-worldwide#unauthenticated-sender

It appears that creating DKIM records for the domain might prevent this from occurring. Currently DKIM keys aren't available from OX for custom domains like this, but I've noted this down with the product team for investigation with the vendor in future.

In the meantime, Microsoft's document above indicates that the recipient can add the domain to a safe senders list to remove the ?

Link to comment
Share on other sites

  • 2 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated