We're getting reports of users trying to log in or request 2FA emails from Cloudflare sites (ex: California DMV) but seeing errors that our well.com domain isn't recognized as valid. Well.com has been around since 1993 and our primary DNS hasn't changed since perhaps 2012. . Excerpts appended for reference. I strongly suspect these errors are related to a Cloudflare security check for valid email domains. Hoping someone here can validate or disprove this. If it's a Cloudflare issue, any contacts here? When I poke at an open cloudflare DNS server and look up the A for well.com I get a disturbing error: : server can't find well.com.well.sf.ca.us: well.sf.ca.us is an antique (but valid) A record in the sf.ca.us zone and has no business appearing here. Did something drop a period or CRLF on a list somewhere? When I query AWS and Google DNS servers, our DNS looks correct and unchanged Thank you very much for any pointers! Betsy -- Correct info:
set type=any well.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: well.com Address: 23.22.72.90 well.com nameserver = ns-1783.awsdns-30.co.uk. well.com nameserver = ns-1103.awsdns-09.org. well.com nameserver = ns-805.awsdns-36.net. well.com nameserver = ns-459.awsdns-57.com. well.com origin = ns-1103.awsdns-09.org mail addr = awsdns-hostmaster.amazon.com <snip> well.com mail exchanger = 15 xmx.well.com. <snip> -- whois well.com [Querying whois.verisign-grs.com] Domain Name: WELL.COM Registry Domain ID: 4562093_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.enom.com Registrar URL: http://www.enomdomains.com Updated Date: 2020-01-24T18:46:10Z Creation Date: 1993-01-25T05:00:00Z Registry Expiry Date: 2029-01-26T05:00:00Z <snip> Name Server: NS-1103.AWSDNS-09.ORG Name Server: NS-1783.AWSDNS-30.CO.UK Name Server: NS-459.AWSDNS-57.COM Name Server: NS-805.AWSDNS-36.NET <snip>