Error during installation: 'DNS problem: query timed out looking up MX'


#1

I installed letsencrypt on my server and try now to create certificates using the command:
letsencrypt-auto

During the installation I am asked for the domain name and an email address. After entering the email address the instal helper application crashed and shows the following error message:

An unexpected error occurred:
The provided email for a registration was invalid :: DNS problem: query timed out looking up MX for posteo.de
Please see the logfiles in /var/log/letsencrypt for more details.

The log shows:

2016-03-17 13:30:58,817:DEBUG:acme.client:Received response <Response [400]> (headers: {'Content-Length': '106', 'Expires': 'Thu, 17 Mar 2016 13:30:58 GMT', 'Server': 'nginx', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 17 Mar 2016 13:30:58 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'iw7wxLXO5DF2BuGPL7YWtCIaPkmgtQ0yJzdMRelUsg4'}): '{"type":"urn:acme:error:invalidEmail","detail":"DNS problem: query timed out looking up MX for posteo.de"}'
2016-03-17 13:30:58,821:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
  File "/home/jukey/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
    sys.exit(main())
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py", line 1993, in main
    return config.func(config, plugins)
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py", line 661, in run
    le_client = _init_le_client(config, authenticator, installer)
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py", line 207, in _init_le_client
    acc, acme = _determine_account(config)
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py", line 192, in _determine_account
    config, account_storage, tos_cb=_tos_cb)
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py", line 118, in register
    regr = perform_registration(acme, config)
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py", line 148, in perform_registration
    return acme.register(messages.NewRegistration.from_data(email=config.email))
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 98, in register
    response = self.net.post(self.directory[new_reg], new_reg)
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 652, in post
    return self._check_response(response, content_type=content_type)
  File "/home/jukey/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 568, in _check_response
    raise messages.Error.from_json(jobj)
Error: urn:acme:error:invalidEmail :: The provided email for a registration was invalid :: DNS problem: query timed out looking up MX for posteo.de

Using the shell command:
dig IN MX posteo.de just works fine…

Is there a way to skip this mail thing?


#2

You can use the option --register-unsafely-without-email. indeed your dns setup looks fine, so this may be a network issue on LE side.
I read something about make email validation not mandatory (on github I think but I cannot find it now), id est, mail validation is just here to catch people typos and should not stop completely the process but instead print a warning.


#3

Here I found it:

Also, as part of that work, I’d like to start treating a timeout during
validation of the email address as “ok” rather than “fail.” We’re doing
best-effort checking against typos, so we don’t need to be as strict as
we are today.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.