Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

DNS records error preventing email domain validation

Hi - we're getting an error that a TXT record in our DNS server is preventing Atlassian from validating our email domain. The TXT record appears in our DNS file exactly as shown (, but we still get the error that Atlassian is unable to confirm a match ("the value for this TXT record is missing from your domain provider"). Are there specific gotchas or details that other folks have found that might help get this configured correctly?




2 answers

4 votes

@Doug Matthews 

I'm wondering if there's multiple SPF records for the domain, and the validation logic is checking one record, but you're looking at another.

There's a good chance you already had an existing SPF record on your domain - eg: if you use Microsoft O365 for email, your domain likely had something like "v=spf1 -all" (this allows O365 to send email on behalf of your domain).

If you now want to allow Atlassian's Cloud services to send email, the instructions may say something like 'Add "v=spf1 ~all" to your domains TXT record, but if you already have an SPF TXT record, you need to merge the two, so you'd change

"v=spf1 -all"


"v=spf1 -all"

Be careful if you have ~all (softfail) in your SPF record and an instruction says to change it to -all (fail).  -all is a much stricter rule than ~all, so if something is sending email on behalf of your domain already and not explicitly listed in your SPF record with ~all and you change to -all, then chances are whatever is sending those emails will be blocked by any well-behaving mail server  has a bit more



Thank you so much CCM, not merging the SPF records was the problem in my case, and thanks to you, I could resolve it just by googling :)


Like Craig Castle-Mead likes this

I have exactly the same problem. Is there a bug in Jira's validation algorithm?

Here are details of issue I got:

PS. SPF TXT record is verified successfully. The problem is only with 2nd TXT (verify) record

Suggest an answer

Log in or Sign up to answer
Site Admin
AUG Leaders

Atlassian Community Events