CD
Cloudflare Developers2w ago
GBoudreau

Email Routing to Gomailify

This morning, emails from Cloudflare Email Routing to gomailify stopped working. I received the last email at 12:30 UTC, but after that time, sending an email to a Cloudflare-routed email address, Cloudflare reports an error (through the sending server) : 521 5.3.0 Upstream error, please check https://developers.cloudflare.com/email-routing/postmaster for possible reasons why. STWEzJA7wD5R I am able to forward received emails to a @gmail.com email address. The problem seems to be specific to Gomailify. (I tried to contact Gomailify support - waiting for them to reply.) Trying here too, in case someone could confirm they have the same issue with Email Routing to Gomailify, or another email provider.
4 Replies
GBoudreau
GBoudreauOP2w ago
Looks like it is related to an expired certificate. I see the exact error message in the Overview tab : upstream (mx.gomailify.com.) error: failed to initalize: Failed to connect to upstream using TLS: DANE was enforced but it could not be checked: TLS failed in the presence of DANE records due to: 10 - certificate has expired
DarkDeviL
DarkDeviL2w ago
I received the last email at 12:30 UTC,
Gomailify had a certificate for their inbound mail server, "mx.gomailify.com", which expired not that far from that timestamp (https://crt.sh/?id=19225735547).
The problem seems to be specific to Gomailify.
It is, - their set (at least, for their own domain) up doesn't allow inbound connections, when the validation (of the encryption certificate being used) is failing. I'm curious though, ... is the final destination (the one Cloudflare Emal Routing is trying to reach), ... a "@gomailify.com" address, or an address on a custom domain you have with Gomailify?
GBoudreau
GBoudreauOP2w ago
Custom domain. I talked to the guy in charge of Gomailify, and he resolved the issue. One of the two servers that was used for mx.gomailify.com didn't get the updated cert. He fixed that, and emails are going through now.
DarkDeviL
DarkDeviL2w ago
Ah yeah, I actually meant to have included that everything seemed to work fine on my side too. Great to hear everything is fixed! (Sounds like some if their infrastructure could use some more monitoring though)

Did you find this page helpful?