Updated 21 May 2020.
Sometimes, we setup Mailgun for transactional email, because this helps web based forms, and other, email to get sent to the right place. Its also free, as in beer, at least for the first 10,000 mails a months.
But we ran into a deliverability issue on one or two domains, which would sometime say things like:
550 Sender has no A, AAAA, or MX DNS records.
How to fix that? We thought. Well, the clue is in the message!
At the recipient, sometimes (though there is no actual standard or rule which says this should be done!), there is a DNS check to see if the sending domain is at the same URL as the domain from which the mail originated. Correctly formed SPF records should be respected and allow this, but there it is, some “spam filters” make this check.
But at Mailgun, we setup a special `mg.somedomain.com` subdomain to send transactional email from, right?
Yes, and that is where this “issue” stems from.
Make a domain a record in your DNS which points to the same IP as the address from which your mailgun mail will originate from (often this will be where your “www” record will point), and, when this is updated and has propagated (yawn, we know, it takes a long time… can’t be helped) your mail will start sending correctly!
The record should be for the exact domain as your sending domain you setup in Mailgun – for example, if you’re sending from mg.somedomain.com and your server IP is 220.127.116.11 the record would look like:
A mg 18.104.22.168
If you use CloudFlare or another DNS proxy, it’s a little simpler if you turn off their DNS proxy feature, as this will reveal the “same” IP address as that from which your transactional mail will originate, which is partially what the spam filter you tripped up is checking for (whether or not this is a “correct” sending IP for THIS domain).