1 Reply
      Latest reply on Dec 23, 2019 8:26 AM by lnb
      sfstpala Level 1 Level 1 (0 points)

        We're unable to send email to private relay address.


        The server we're sending from is also the MTA, the domain is verified (with a checkmark) in and we're using (correctly configured) DKIM, DMARC (set to reject unauthenticated mail), and SPF (set to reject mail that doesn't match), but we're still getting this error:


        550 5.1.1 Relay not allowed for <xxxxx@privaterelay.appleid.com


        What could be wrong?


        Our SPF record looks like this:


        "v=spf1 a mx ip4:... ip4:... ip6:.../64 ip6:.../64 include:servers.mcsv.net include:_spf.google.com -all"


        (again, the email is actually sent from the server matching 'a', not mailchimp or google)


        I'm also able to verify that all the headers look right: Return-Path, From, and the smtp from all match both the verified domain and I've added it as an individual email address, Authentication-Results says "dkim=pass", "spf=pass", and "dmarc=pass (p=REJECT sp=REJECT dis=NONE)", the "d" value in the DKIM signature matches the domain, in short, everything seems to be set up properly.