Hi Betsy, Cloudflare DNS hangs out in the dns- oarc community. You can reach out here: <https://chat.dns-oarc.net>. You can self\- subscribe to our Community chat there. All DNS All Day long. Also, we operate the dns-operations@dns-oarc.net, and several other lists and initiatives that are operational DNS focused. Feel free to reach out with questions. I will be at NANOG in Bellevue in a few months too if you are attending. Kind regards, Steve Sullivan Membership Coordinator OARC Mattermost Chat: @stevos https://linktr.ee/dnsoarc On 4/6/2026 7:08 PM, Betsy Schwartz via NANOG wrote:
We're getting reports of users trying to log in or request 2FA emails from Cloudflare sites (ex: California DMV) but seeing errors that our well.com domain isn't recognized as valid. Well.com has been around since 1993 and our primary DNS hasn't changed since perhaps 2012. . Excerpts appended for reference.
I strongly suspect these errors are related to a Cloudflare security check for valid email domains. Hoping someone here can validate or disprove this. If it's a Cloudflare issue, any contacts here?
When I poke at an open cloudflare DNS server and look up the A for well.com I get a disturbing error: : server can't find well.com.well.sf.ca.us:
well.sf.ca.us is an antique (but valid) A record in the sf.ca.us zone and has no business appearing here. Did something drop a period or CRLF on a list somewhere?
When I query AWS and Google DNS servers, our DNS looks correct and unchanged Thank you very much for any pointers!
Betsy
-- Correct info:
set type=any well.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: well.com Address: 23.22.72.90 well.com nameserver = ns-1783.awsdns-30.co.uk. well.com nameserver = ns-1103.awsdns-09.org. well.com nameserver = ns-805.awsdns-36.net. well.com nameserver = ns-459.awsdns-57.com. well.com origin = ns-1103.awsdns-09.org mail addr = awsdns-hostmaster.amazon.com <snip> well.com mail exchanger = 15 xmx.well.com. <snip> -- whois well.com [Querying whois.verisign-grs.com] Domain Name: WELL.COM Registry Domain ID: 4562093_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.enom.com Registrar URL:http://www.enomdomains.com Updated Date: 2020-01-24T18:46:10Z Creation Date: 1993-01-25T05:00:00Z Registry Expiry Date: 2029-01-26T05:00:00Z <snip> Name Server: NS-1103.AWSDNS-09.ORG Name Server: NS-1783.AWSDNS-30.CO.UK Name Server: NS-459.AWSDNS-57.COM Name Server: NS-805.AWSDNS-36.NET <snip>
NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/6BU667JN...